See the question and my original answer on StackOverflow

Microsoft provides a way to do it in this support link: How To Get Information from Authenticode Signed Executables

You can use the WinVerifyTrust() API to verify an Authenticode signed executable.

Although a signature is verified, a program may also have to do the following:

  • Determine the details of the certificate that signed the executable.
  • Determine the date and time that the file was time stamped.
  • Retrieve the URL link associated with the file.
  • Retrieve the timestamp certificate.

This article demonstrates how to use CryptQueryObject() API to retrieve detailed information from an Authenticode signed executable.