Hi Richard,

> What do you mean by reputation? Is this a feature in Chrome when
> downloading exe's or something else like not triggering UAC warnings when
> its run?

behind the scenes, there is a complex "application reputation feature"
system (aka Windows SmartScreen Filter). IIRC, Microsoft introduced it nine
years ago. Google introduced a similar system a few years later.

Downloads are automatically assigned a reputation rating based on multiple
algorithms that consider many objective criteria, such as anti-virus and
anti-spyware results, download traffic, download history, and URL
reputation. Application downloads without established reputation result in
a warning that the file may be a risk to the computer.

You can build a reputation "per-file" (Application Reputation is assigned by
the hash of the downloaded file) or "per code-signing certificate".

Code-signing certificates allow reputation to be assigned to a single
identity ("per code-signing certificate") across multiple files. If you are
not code-signing your programs, reputation will be built independently for
each file you distribute. In contrast, code-signed programs may inherit the
reputation of your digital certificate.

Note: the problem with "per-file" reputation is that if you upload an update
of your application, you have to build a new reputation - you have to start
the reputation building process all over again.

For new "standard" code-signing certificates, you have to build a reputation
first:
http://www.lindersoft.com/forums/showthread.php?47837

EV Code-Signing Certificates (very expensive!) establish instant application
reputation with SmartScreen:
http://www.lindersoft.com/forums/showthread.php?47948

Friedrich