Unfortunately, it probably wouldn't help the Windows masses, but one thing that is common in the Linux realm is the concept of digitally signing software with GPG keys as well as SHA-1 and MD5 sums. While not a perfect system, as long as you can verify that the software signer is legit and their key hasn't been compromised, you can be certain you don't download a version containing a Trojan.
For some reason, whenever I mention this to our major software vendors, they look at me like I just got off the boat from some foreign place and I'm still speaking that language.