Perhaps this is a business opportunity for the OSF
Since they are a trusted authority and protector of authors' rights, they could offer a paid-for service to firms wanting to use FOSS. They wouldn't need to certify that software is bug-free (since virtually no software is), but they could certify that software is not malicious. To make it fair they could charge a fixed (small) percentage of the requesting company's turnover for the check. This would work well where many companies request a check on the same piece of software. Obviously they would need a large database to save the MD5 sigs of all checked software to avoid duplication. They could even act as intermediaries if said company wanted improvements to a piece of software but the author wants to remain reasonably anonymous (e.g. they create FOSS in their spare time but their Windows-based employer insists that ALL code produced is the property of that employer).
If they make a reasonable profit they could distribute a percentage of it back to the original authors, although I suspect in many cases this would cost more, to make sure the value of the authorship was proportionate where several coders have contributed features to a piece of software. This would encourage better-quality authorship.
Obviously a lot of details would need to be worked out, such as:
can this be done under their charter,
how do they fund the startup of the service,
where are they going to get enough checkers,
do members of the OSF get checks for free or just discounted?