If it was so easy, why is it rare? There is lots of widely used open source software (Firefox, WebKit, Android, Apache, etc.).
It may be a little easier to produce a malicious version of an open source app, but it is a LOT easier for people to realise that it is malicious because they can audit changes to the code.
It is also very difficult to distribute a malicious version. Try forking Firefox and see how many people use your version of it!
So your idea is to give MS total control, and hope they ONLY use that control to make software more secure? You are very trusting. The result would be to kill innovation, and make a lot of money for MS, and the "certified" software would be full of holes. Central planning works to an extent, but I prefer a free market approach.
Incidentally, most versions of Linux already use software installers that only install software signed by trusted sources - you can install software outside the installer, or add extra trusted sources if you wish, or install unsigned software as a one-off, but that is your decision and not something that most users do often (if at all).