I tried the first answer literally; the first 3 commands worked but the last one leads to following error: Set-AuthenticodeSignature: Cannot bind parameter 'Certificate'. Cannot convert value "Cert:\LocalMachine\Root\5B23597B139C09A75DE9BA4F9DA5A4691EDB338B" to type "System.Security.Cryptography.X509Certificates.X509Certificate2". Error: "Die Syntax für den Dateinamen, Verzeichnisnamen oder die Datenträgerbezeichnung ist falsch." (Note that there is no error at all in the .ps1 path, between "") The same errors occurred when I added the flags -filepath and -Certificate Thus, Self-Signing appears to work only for the administrator himself. The only solution to allow other users to run the adm's selfsigned .ps1 seems to be setting ExecutionPolicy to unrestricted…