I might be completely wrong, but I’ve heard that a key is only a few hundred dollars, and once you’ve got it you can sign whatever you want. I think ReactOS also used to offer free driver signing for open source projects.

So I guess if ReactOS can afford one, so can most anti-cheat companies.