Using self-signed certificates to digitally sign your binary files is largely contrary to the concept of using digital certificates with programs. The main idea is to prove that the code was created by you (authenticity) and has not been modified since its release (integrity). This must be done using a signed certificate signed by a trusted certificate authority (CA).
With .Net, when a binary code is digitally signed, it is automatically checked for integrity and authenticity at startup. Although I have not personally tested this, using a self-signed certificate is likely to cause you a lot of problems.
If you want to digitally sign your programs, you need to invest in a code signing certificate from the CA. There are many companies that can provide this service ( Verisign , Thawte ) for a fee.
While the board may seem a bit extreme in price, remember that you are not just buying a digital certificate, but also checking it 24/7. Each time someone launches your program, he guarantees that the program was written by you and that the program has not been modified since its release.
Once you have a certificate, you can digitally sign your program by following the steps in How to: Sign Application and Deployment Manifests .
Update: If this program is strictly an internal application (limited by you or your company), you can create your own CA. Since you will be the only one who runs it, you only need to check it. The CA certificate must be installed as a Trusted Root Certificate on all computers that will run the program (or if you have access to Windows Server, you can configure a real working CA).