Same here, IE is complaining invalid or corrupt signature. But no problem with Firefox.
I'm sure that this is a MS issue. AFAIK, Symantec updater files are signed with SHA-1 signatures. But SHA-1 slowly gets obsolete. It seems to be that IE and Windows are handling SHA-1 signatures differently. While Windows is showing a valid certificate (see under "properties" of the file), IE does not accept it because it's following Microsoft's policy to abandon applications that were SHA-1 signed since the beginning of 2016.
For more info, see this site:
http://social.technet.microsoft.com/wiki/contents/articles/32288.windows-enforcement-of-authenticode-code-signing-and-timestamping.aspx
If you want to be on the safe side, you can check the definitions against the MD5 hash Symantec is providing on the download site.
All in all, it's a cosmetical issue. No corruption. That your clients are requesting full.zip files must have another reason.