How to verify an executable against a digital certificate

have a .Net executable which I have digitally signed using a certificate generated through makecert.exe and signed using signtool. How to verify that exe has not been tampered or it is still using the certificate digitally signed by me.

For ex - A situation where anyone can replace the exe which is digitally signed by another certificate and placed into Trusted Root Authorities.

From various internet sources I read that the below code would just check if the certificate is valid

X509Certificate signer = X509Certificate.CreateFromSignedFile(executablePath);
X509Certificate2 certificate = new X509Certificate2(signer);
var certificateChain = new X509Chain
ChainPolicy = {

RevocationFlag = X509RevocationFlag.EntireChain,
RevocationMode = X509RevocationMode.Online,
UrlRetrievalTimeout = new TimeSpan(0, 1, 0),
VerificationFlags = X509VerificationFlags.NoFlag
var chainIsValid = certificateChain.Build(certificate);
if (chainIsValid)
And it is suggested to use WinVerifyTrust. My question is WinVerifyTrust would also validate the certificate, if the same exe is signed by another certificate deployed in Trusted Root Authorities. How can I associate the exe with my certificate? Or how the WinVerifyTrust can be helpful in this situation as mentioned everywhere? Please help!!