User Configuration > Administrative Templates > Microsoft Office 2016 > Security Settings > Trust Center
User
HKCU\software\policies\microsoft\vba\security
This policy setting controls whether only VBA macros that use V3 signatures can be trusted and run in the application. If you enable this policy setting, only VBA macros that use V3 signatures can be trusted and run in the application. If you enable this policy setting, we also recommend that you enable the “VBA Macro Notification Settings” policy setting for the application and then select the “Disable all except digitally signed macros” option. Note: Before enabling this policy setting, you should upgrade your existing VBA macros to use V3 signatures. If you disable or don’t configure this policy setting, VBA macros signed with legacy signature schemes can be trusted and run in the application.