If I understand the output from DMA correctly, the assembly is labelled as SAFE, but you have signed it nevertheless?
It could be that DMA only checks for signing with asymmetric keys - or it does not check at all, since the assembly is safe, and in lower version there were no need check.
I tend to agree that this is a false alarm.