Wix Custom Bundle Error 0x80091007: Hash mismatch for path:

Apologies but my Google-fu has failed me, all I could find was ASP.Net RC1's installer having this issue and this as being vaguely relevant: Burn installer facing error .Net 45 0x80091007-The hash value is not correct.

My bundle is working fine, except for some dependencies of an exepackage which are throwing an error when they unpack:

[16EC:1320][2017-07-24T11:33:25]e000: Error 0x80091007: Hash mismatch for path: C:\ProgramData\Package Cache\65D4FC25E4F02CCC325917AE7EA5987BA52497DA\MOMCertImport.exe, expected: 06BD98583C73B9D97A54472EDF0A00D590024A67, actual: 87FD653C06C4D638C83182FD43AD37E83C757492
[16EC:1320][2017-07-24T11:33:25]e000: Error 0x80091007: Failed to verify hash of payload: pay2F6419EC3C4EF736B4C9257552A6C584

From what I have found on Google my understanding is that when the bundle is built a hash value is generated. Then when the bundle is executed a new hash value is generated and the two are compared to make sure that the bundle has not been tampered with. This all makes perfect sense however the three files failing the test in my bundle are not being altered once the bundle has been built. The exepackage and payload files are being declared like this:

  <ExePackage Id="PowerONPulseConfigProd"
              Cache="yes"
              Compressed="yes"
              InstallCommand='-ai -o certificate -c "[CompanyName]"'
              InstallCondition='ProductChoice = pulse AND DeployEnv = prod'
              UninstallCommand='-ai -o unistall -u [Username] -p [Password]'
              After='PowerONPulse'
              SourceFile='Resources\Prod.Pulse\SetupAgentB.exe'>
    <Payload Compressed='yes' SourceFile='Resources\Prod.Pulse\SCA\SCOM2012\x64\MOMCertImport.exe'/>

My best guess is that there is either something wrong with the files (one exe and two dlls) as the rest of the payload files work fine or something wrong with the way I am signing my bundle:

<Target Name="SignBundleEngine">
    <Exec Command="&quot;C:\Program Files (x86)\Windows Kits\10\bin\10.0.15063.0\x86\signtool.exe&quot; sign /f &quot;PowerONCodeSigning.pfx&quot; /p  /t http://timestamp.digicert.com /v /d &quot;%(SignBundleEngine.Filename)&quot; &quot;@(SignBundleEngine)&quot;" />
</Target>
<Target Name="SignBundle">
    <Exec Command="&quot;C:\Program Files (x86)\Windows Kits\10\bin\10.0.15063.0\x86\signtool.exe&quot; sign /f &quot;PowerONCodeSigning.pfx&quot; /p  /t http://timestamp.digicert.com /v /d &quot;%(SignBundle.Filename)&quot; &quot;@(SignBundle)&quot;" />
</Target>
<Target Name="SignMsi">
    <Exec Command="&quot;C:\Program Files (x86)\Windows Kits\10\bin\10.0.15063.0\x86\signtool.exe&quot; sign /f &quot;PowerONCodeSigning.pfx&quot; /p  /t http://timestamp.digicert.com /v /d &quot;%(SignMsi.Filename)&quot; &quot;@(SignMsi)&quot;" />
</Target>
<Target Name="SignCabs">
    <Exec Command="&quot;C:\Program Files (x86)\Windows Kits\10\bin\10.0.15063.0\x86\signtool.exe&quot; sign /f &quot;PowerONCodeSigning.pfx&quot; /p /t http://timestamp.digicert.com /v /d &quot;%(SignCabs.Filename)&quot; &quot;@(SignCabs)&quot;" />
</Target>

At this point I am at a loss as to what could be causing this and would really appreciate any help.

In case anyone else has a similar problem this was caused by having two dependencies of the same name (but in different source folders) for x86 and x64 unpacking to the same place and burn getting the GUIDs the wrong way round. The fix was to specify a folder structure for each using the Name value.

The payload files are now declared like this:

    <Payload Compressed='yes' SourceFile='Resources\Prod.Pulse\SCA\SCOM2012\x64\MOMCertImport.exe' Name='SCA\SCOM2012\x64\MOMCertImport.exe'/>
    <Payload Compressed='yes' SourceFile='Resources\Prod.Pulse\SCA\SCOM2012\x86\MOMCertImport.exe' Name='SCA\SCOM2012\x86\MOMCertImport.exe'/>