Are you safe? Possibility of modifying a signed executable without invalidating

I came across an article about modifying a signed executable without invalidating its digital signature. The article is available at Modify a signed executable without invalidating its digital signature!! - Security - reboot.pro

The Proof of Concept package (DigitalSignatureTweaker_v1006.zip) available at http://reboot.pro/files/download/85-digitalsignaturetweaker/ can be used to modify a signed executable without invalidating its digital signature.

Now the question is - Are you sure about integrity of installer files?

Please go through the following thread to know more about the context which caused me to explore possibility of such modification of signed files.

https://forums.comodo.com/format-verified-issue-reports-cis/unknown-network-connections-displayed-in-cis-firewall-panel-v6m706-t100525.0.html

I notice the article you refer to was written over 2 years ago. As far as I know we haven’t been flooded by digitally signed malware as a result of this claimed security flaw.

Malware can only cause problems by executing malicious code. The article shows how to append data to an executable but does not claim to be able to modify the existing code. Any malicious code appended to a program would never be executed because the original code would not know of its existence.