Enable signing and notarization of MacOS executables using SignTool

[mmitche]

Enable SignTool to process and and submit MacOS files for signing and notarization. Because notarization can only happen on a Mac machine, this requires #14431 to be complete.

One challenge here may be that Mac and Linux executables typically do not have extensions. So what do you put in the signing configuration file?

One place to start with this is looking at what we do in the staging pipelines.

[dotnet-issue-labeler]

I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.

[ellahathaway]

We consider a file to be macOS file if it is a "Mach-O" file. To check this, we'd probably have to look at the bytes to determine the file type.

[ellahathaway]

T-Shirt Size: S/M

Need a workaround for adding these to the ItemsToSign list and likely also to SignableExtensions and https://github.com/dotnet/arcade/blob/main/src/Microsoft.DotNet.SignTool/src/FileSignInfo.cs.