We use AppLocker in a whitelist capacity. This means that only certain folders, publishers, etc, can run on our PCs. For obvious reasons, the Appdata folder in local user profile cannot be a folder level exception, as malware commonly writes there.
In order to use Board auto-update, we would like to have the BoardWinClient.exe digitally signed in the future so that we can trust the Board publisher entirely. Is that possible?