
I don't know what platform you're using, what app distribution method you used, where the code was compiled, if the code was signed, where it was signed and by whom, etc.

A generic answer to your question is that the software was signed by whoever compiled or distributed the software, which can include your own machine. Your own key might be in your trust store or your app distribution method might put their key in your trust store. Both macOS and Windows will treat software compiled on the same system it is run on as blessed to run without strict signing checks.

On macOS, ad-hoc certificates can be used, but the OS will treat those binaries as if they're radioactive. If you compiled code on macOS, the system will treat that software specially on that specific system and allow you to run it[1]. On Windows, certificates can be added to trust stores. Chocolatey, for example, has their own signing certificate for all of the compiled open source software they have in their repositories, so Windows allows their software to run.

The biggest issue is what comes with software distribution itself, where your code isn't blessed by default by the system it was compiled on, or doesn't have signing certificates in the users' trust stores, and Gatekeeper and Windows Defender go out of their way to stop your users from running software with signing certificates they don't like.

[1] https://apple.stackexchange.com/a/426854



I compiled it myself. It’s not signed as far as I know. I didn’t disable anything…


macOS and Windows treat binaries compiled on the machine they're run on specially. Check out the StackOverflow link in my OP, it gives details on how binaries compiled on the same machine they're run on don't have the 'quarantine' bit set on macOS.



