I'm trying to patch my bootmgfw.efi file to change the background color of the BitLocker password prompt and other Windows bootup screens. I found the values to search for and replace for the color (B2 67 20 FF) and verified in IDA Pro that they were all near calls to functions related to the display (they were.) I copied the file to my EFI system partition, backing up the original, and rebooted.

When my computer rebooted, after the BIOS finished, it took me to a screen, in my new color, with the following error:

Recovery

Your PC needs to be repaired.

The digital signature for this file couldn't be verified.

Error code: 0xc0000428

You'll need to use the recovery tools on your installation media. If you don't have any
installation media (like a disc or USB device), contact your system administrator or PC
manufacturer.

Press Esc for UEFI Firmware Settings

Pressing Escape didn't take me to a menu where I could disable the signature checking or anything; just my CMOS setup, where I already have Secure Boot disabled.

I was able to easily restore the backup using the installation media as it said, but how can I tell Windows that the invalid digital signature is not the result of malicious software, but rather an intentional change on my part?

Boot into the UEFI (basically BIOS) and disable secureboot. To get into the firmware, search for advanced reboot options and an option should be there. I don't recall the specifics, as when I get a Windows 8 machine I always nuke it and install arch linux, so I only do it once a machine.