I know you are not telling people to run it, but probably running an unsigned, unnotarized binary from a random person (with 14 HN karma) is not a good idea.

Signed or unsigned, the only real difference is did they pay Apple $100

If it’s from the App Store, it’s at least required to be sandboxed.

Just paid the 100$ and got it notarized. Still, you're downloading software from a total stranger :p .

There is a difference though. Apple does at least some amount of malware scanning during notarizarion and they have your credit card/some personalia on file, which means that they can go after you.

I know, stolen credit cards, etc. But at least it’s something (App Store would be better due to sandboxing).