My personal 3-3 rule. 3 download websites, 3 ways of checking.
I only download programs that are from FileHippo, Softpedia and MajorGeeks. CNET is avoided like the black plague for its CNET adware installer.
Since not all software developers get their software digitally signed, I have a few options at hand: the right-click VirusTotal option in Windows Explorer, Anubis, and running the unknown program inside a VM with a tracer to monitor what the program does. If it appears safe, I'll use it on my main OS.
I collect small helpful utilities for my toolkit USB. They are often very small in file size (<1000kb) and don't have valid signatures. By following the 3-3 rule and by using them personally to know they don't do anything fishy, all goes well.
Since I am on Windows 8, SmartScreen will often pop up for these little utilities, but I allow them since I know they're safe.
If you see a weakness in my 3-3 rule, let me know what it is and I will certainly do something about it if needed.
Thanks.
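
An added example, not part of the original post: a PowerShell triage of a toolkit folder that reports each executable's Authenticode status, whether it still carries the download mark that SmartScreen keys on, and a SHA-256 to match against the file's VirusTotal result. The path `E:\Toolkit` and the function names are assumptions made for illustration.

```powershell
# Added example: inventory a toolkit folder before trusting what is in it.
# Assumption: the toolkit lives at E:\Toolkit (hypothetical path); pass -Path to change it.
param(
    [string]$Path = 'E:\Toolkit'
)

function Get-Sha256Hex {
    param([string]$File)
    # .NET is used directly so this also runs on PowerShell 3.0 (Windows 8),
    # which does not ship the Get-FileHash cmdlet.
    $sha = [System.Security.Cryptography.SHA256]::Create()
    $stream = [System.IO.File]::OpenRead($File)
    try {
        -join ($sha.ComputeHash($stream) | ForEach-Object { $_.ToString('x2') })
    } finally {
        $stream.Dispose()
        $sha.Dispose()
    }
}

function Get-ToolkitReport {
    param([string]$Root)
    Get-ChildItem -Path $Root -Recurse -File -Include *.exe, *.dll, *.msi |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -FilePath $_.FullName
            # Zone.Identifier is the alternate data stream (Mark of the Web)
            # attached to downloaded files; it is absent on non-NTFS volumes.
            $motw = $null
            try {
                $motw = Get-Content -LiteralPath $_.FullName -Stream Zone.Identifier -ErrorAction Stop
            } catch { }
            [pscustomobject]@{
                File      = $_.Name
                SizeKB    = [math]::Round($_.Length / 1KB, 1)
                Signature = $sig.Status   # Valid, NotSigned, HashMismatch, ...
                Signer    = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
                FromWeb   = [bool]($motw -match 'ZoneId=3')
                SHA256    = Get-Sha256Hex -File $_.FullName
            }
        }
}

Get-ToolkitReport -Root $Path | Sort-Object Signature, File | Format-Table -AutoSize
```

Saving the report and re-running it later shows whether any file on the stick has changed since it was checked, because a changed file no longer matches the hash that was scanned. Files copied to a FAT32 or exFAT stick lose the Zone.Identifier stream, so `FromWeb` reads False there regardless of origin.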