Yeah, and the first comment beneath that mentions that the most recent version is signed with the "2011 CA" that the article I link to discusses being deprecated.

My guess was that he got caught up in some house-cleaning. My theory being that he's still signing his code the way malware authors also do and got flagged by some automated review that's meant to force him to go get WHCP certified or whatever the new route is.

The article you linked says the change is rolling out in April in evaluation mode.

And if it were related to some kind of scan and malware flagging, the cert would have been revoked. It is not.