Sure it would be suspicious if the hacked driver is signed. But like as I saying above, the issue isn't really as bad as people are making it out to be. If the people who hacked Nvidia release the private signing keys, it won't be long for Nvidia to revoke those keys. I have to believe that Nvidia has already revoked all user/login credentials that were in use across its entire platform, securing their data, webservers, and fileservers already. This prevents the hackers from being able to sign a hacked driver and upload it to Nvidia's site for download.
This only leaves man-in-the-middle and DNS-poisoning attacks for the hackers to point someone to their hacked drivers. But these types of attacks are becoming harder and harder to do with the adoption of DNS-Sec and the widespread use of https. Which again, means the only hacked drivers that are signed would be on third-party sites, which should be inherently not-trusted by anyone at this point, except for those people who are looking to find a hacked driver to unlock some kind of performance in their card that the official drivers do not support. And in that case, they are the people at risk and should already know that the driver they are grabbing has been modified and is a complete use at your own risk kind of thing.