I still don't quite understand this though. The mechanism is to detect whether code has been tampered with. You do not need a developer account to sign anything and can basically sign yourself with blank details. Another person could re-sign the code themselves if they wanted to as well. In what way would or could Apple prevent this code from being run?
As for not being able to download code from GitHub and compiling it - that isn't the case. It will simply create and sign the code with an ad-hoc signature during compile time.
Also how does this differ from say Microsoft or Apple preventing programs from running which have been flagged by Defender/XProtect.