Machinepolicy allsigned

hi admins,

Wanted to check what would be the best possible approach here since machinepolicy is set as allsigned then how do we use psadt to deploy applications in the environment.

Would have to sign the scripts. The toolkit is requesting scope Bypass for the installation but GPOs override that I believe.

So just signing the scripts will suffice or need to sign everything which is inside Final folder which contains SupportFiles folder, AppDeployToolKit Folder, Deploy-Application.exe, Deploy-Application.ps1, Files folder etc.
please advise how to do this or if this is correct understanding or not??