Revert "Revert "Fix signature verification" (#4333"

This reverts commit b9dfa22.

scripts/verify-sign.ps1

@@ -60,6 +60,9 @@ function Verify-Assemblies
                 elseif ($signature.SignerCertificate.Subject -eq "CN=Microsoft 3rd Party Application Component, O=Microsoft Corporation, L=Redmond, S=Washington, C=US") {
                     Write-Debug "Valid ($($signature.SignerCertificate.Thumbprint)): $Path [3rd Party]"
                 }
+                elseif ($signature.SignerCertificate.Subject -eq "CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US") {
+                    Write-Debug "Valid ($($signature.SignerCertificate.Thumbprint)): $Path [3rd Party]"
+                }
                 else {
                     # For legacy components, sign certificate is always "prod" signature. Skip such binaries.
                     if ($signature.SignerCertificate.Thumbprint -eq "98ED99A67886D020C564923B7DF25E9AC019DF26") {