As mentioned, software usually needs to get signed to get a "stamp of approval". In short, this means you pay money and the signature certifies that the software is not malware of any sort. This signature may no longer work if the software (.exe) is changed or replaced, and of course it is also not a 100% guarantee that the developer of the software has not implemented anything at all that could be seen as malicious by a user. But that's how it usually goes, software signed, okay, software not signed, not trustworthy.
The situation you describe is the following: If you start something from your own pc that you have had on there and created, your system by default knows that it is your stuff and treats it differently. As soon as you download something from the web however, even if it is the same unchanged thing that already was on your pc before, it is seen as unknown by your system. So either windows itself or even your antivirus (depending on different things and how it flags it), will react to it. Sometimes it will only warn you if you really want to execute it, sometimes the smart filter of windows defender will run. and sometimes your additional antivirus will even warn you from running it in some degree (depending on how much of a threat it things it is). And to avoid this, you would need to sign it.
There are workarounds for this: If you use some editors to make your games, they can already have a signed executable. So as long as that executable is not changed in the process of creating your game, you may not get any excessive warnings (except for the usual admin control confirmation) because the executable is already known to antivirus software (if it is known enough). This makes sense, because the executable is known as save, and you have not changed it. If you change it in some way, you are back to untrusted however. And it also may not be a 100% case anyway, because potentially your game could contain other files that could be non-trustworthy anyway. It's all a question of how much your antivirus reacts to things, and executables are usually reason for a reasonably heavy reaction.
As others have said, this is therefore kind of common. At least if you look for games on platforms like itch, where everyone can upload what they created, the chance for your system being cautious about your downloads is to be expected. That means you have to decide on your own risk if you think the game/software is trustworthy or not. There is of course plenty of actual malware on the web, and as has mentioned in other topics also on itch.io, so you always have to be careful and use your common sense to check what is offered, if it is the real deal and if it makes sense to try to download and run it.
Also, yes your software *could* get manipulated while getting transferred to the platform or back, but it is usually not that easy. Because usually, either your system, your network, or the platform (itch.io) need to be vulnarable for hackers to get onto the data. You can check your system with your antivirus to make sure that it shouldn't be affected by any malware, your network should usually be secure unless you either gave away your security info or live next to a pro hacker, and itch.io from what I know is seen as secure in that regard. So malware downloads do exist, but only if you already uploaded them like that or the download on itch.io you want to access has been compromised before upload already as well. The last option is that your account has been hacked, then a hacker can of course download and upload from your projects whatever they like. But again, you either have to give away your security info for that or have to be affected by some sort of virus / hack / malicious website or download beforehand, otherwise it shouldn't be likely for your account to be compromised.