Hmm, maybe the bundle identifier is a red herring, but the code signing is definitely the bigger issue.
I would say your options are either to sign it, or remove the code signature entirely, leaving you with a Mac app which users will need to bypass security checks (i.e. right click and choose open, then say yes to the prompt) to run.