Are you sure this isn't about Apple trying to prevent users from accidentally installing backdoor VPNs from apps that Apple hasn't vetted? I've run into the same thing on Windows. You basically can't even run a Golang app unless it's signed, and code signing is basically a racket (~$400/year) unless you distribute through the official stores.

Note defending the current state of things, but I can understand how we got here and it may not be malicious on Apple's part.