Report signed DO-NOT-SIGN files in VMR Signing Validation

[ellahathaway]

VMR signing validation currently only reports on unsigned files. This is problematic because some files are marked as "DO-NOT-SIGN', but they are signed anyways; we should catch these cases.