That's it

In future, please use NTSTATUS errors (as returned by NtLoadDriver), not Win32 codes, thanks...

In this case it so happens that the Win32 error is actually a 1:1 translation of an NTSTATUS, so we can use it:

//
// MessageId: ERROR_INVALID_IMAGE_HASH
//
// MessageText:
//
// Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
//
#define ERROR_INVALID_IMAGE_HASH         577L

This simply means that

• You do not have test signing enabled, or
• You have test signing enabled, but the image is either unsigned* or signed in a way that is invalid (e.g. signed and later altered).

*I thought Windows loaded unsigned drivers in test signing mode so long as their PE hash was correct, but I may be misremembering this, or the behaviour may have changed in a recent Windows release. Either way, signing the driver with a test signing certificate will fix this.