EV Code Signing certificate or Code Signing Certificates for Microsoft Authenticode
I've just written up a couple of blog posts on this very topic. The following three screenshots are illustrative of the progression from unsigned through standard Authenticode certificate to EV Authenticode certificate:
No digital signature
Signed with standard Authenticode certificate from DigiCert
Signed with EV Authenticode certificate from DigiCert
So unless you can amass whatever critical volume of users Microsoft deems to mean that your program is commonly downloaded, an EV certificate is the fastest way to remove the SmartScreen warnings for all users. For what it's worth, the DigiCert hardware token was very easy to use through the Windows Certificate Manager, but the $450 it cost us is admittedly quite expensive, especially for a hobby.
The purpose of paying is not stupid as it serves the entire community. The certificate is a way to ensure you are who you say you are. EV certificates require a more thorough validation.
The are cheaper EV Certificates (I think the cheapest one is Commodo's $319 per year).EV Code Signing certificate won't omit all warning as they are a result of other factors such as how many people have downloaded your software, but it will get you the minimum warnings when someone downloads your software. So I would go with the EV option. I also wrote an article about how to use it programmatically.
Certification authorities only issue an Extended Validation certificates to developer on condition that the request is on behalf of a recognised organisation for whom the developer is providing a paid service to.
Developers may apply for non-EV code signing certificates for their own use.
To learn more, try this link: