How do attackers bypass the publisher verification prompt when installing a malicious VSTO add-in?
Attackers sign the VSTO add-in with a self-signed certificate that mimics a trusted entity (e.g., 'CN=Microsoft Windows') using tools like makecert.exe and pvk2pfx.exe. They then register this certificate in the local machine's TrustedPublisher and root stores using certmgr.exe, so VSTOInstaller.exe silently accepts the add-in without displaying a trust warning.
certificate bypass, self-signed certificate, TrustedPublisher, VSTOInstaller