Why do we need to sign the ClickOnce Deployment using a certificate?
Signing the deployment is just another way to ensure that the local version agrees with the version on server. This prevents from installing any unauthorized stuff - hence helps detect tampering by others.
Signing with a test certificate, will prompt "unknown publisher" when it installs; Signing with a Verisign Certificate will show your company name when it installs.
The purpose of a certificate is just to ensure that you are who you say you are. Signing with a test certificate can be used when you don't want to purchase the real deal.