Code signing just says that the code was blessed by someone's certificate who at one time showed an id to someone else. Nothing to do with whether the content being signed is malicious (at least on some platforms).