Issue:
Windows 7 and Windows Server 2008 R2 (unpatched) as well as previous versions of Windows do not trust code signed with any SHA256 certificates, and as well lack Support for multiple signatures, causing issues support for kernel-mode code signed with a SHA-256 certificate.
Proposed Workaround:
SHA-256 is now the industry-standard signature hash algorithm for code signing certificates. It also provides stronger security and is the recommended replacement algorithm to SHA-1. This migration is a natural progression to the more secure SHA-256 algorithm and not a response to any immediate security threat
Solution:
For Windows 7 clients who are still having issues, you can update those systems so Windows will trust code signed with a SHA-256 certificate.
The recommended operating system software update is available from Microsoft TechNet: Microsoft Security Advisory 3033929.
Reference info:
The following link points to an article that provides further information:
https://charismathics.zendesk.com/hc/en-us/articles/231993568-How-to-enable-SHA2-Support-on-Windows-7