Under normal circumstances, you would have to agree to “Always trust software from " before a certificate would be installed there.
This self-signed root certificate was installed in the Trusted Root Certification Authorities store. In a recent article by RSA FirstWatch, we learned that a popular USB audio driver had silently installed a root certificate. We have talked about certificates in general before, but a recent event triggered our desire for further explanation about the ties between malware and certificates. They're issued by a certified authority (CA) and, essentially, verify that the software/website owner is who they say they are.
Root certificates are the cornerstone of authentication and security in software and on the Internet.