While this did funnel countless FOSS and commercial developers to pay MS for certificates, it didn't close even 50% of loopholes. You can still execute third party software from your own (e.g. Steam launching games you install with it). You can also use interpreters, JVM and other ways to disregard the requirement.

If fact, the reason why MS can charge for "nearly mandatory" executable signing is because it is not mandatory at all. If they really were forced to close loopholes, they would have made it free for everyone, — just like Let's Encrypt was made free of charge to establish mandatory encryption across the Web.