To validate your custom product package and allow its installation on macOS, the package needs to be signed and notarized.
The best and easiest way to sign and notarize the package is to obtain distribution signing certificates from Apple. For more information, refer to the Apple documentation.
You can specify your distribution certificate using the pkgbuild, productbuild or productsign utilities that are designed to build and sign product packages. After successfully signing your custom product package, you need to notarize it. For more information, refer to Notarizing macOS Software Before Distribution.
Note: By using the -allowUntrusted flag of the installer, you can bypass the certificate verification on macOS during the package installation. Some MDM solutions support the installation of unsigned packages, but it is not a recommended solution.