Malware

StartSSL code signing certificate - does it need to be re-rolled every year?

I bought a certificate for code signing (Code Signing), StartSSL a year ago - in order to exclude false positives from antiviruses - and so that SmartScreen stops swearing when the user starts the downloaded program.
For about a month, SmartScreen cursed programs signed with this certificate.
That is, the user downloads the program from the site, launches it and gets a frightening message
"The program has protected your computer."
I managed to somehow promote the certificate (apparently, some users still clicked "More Info" when starting the downloaded program), and after a certain number of downloads, SmartScreen began to consider files signed with this certificate as "respectable".
But the term of the certificate began to come to an end, I began to think about how to continue signing programs after the expiration of the certificate.
It is necessary to renew the certificate ...
So, I ask those. StartSSL support - how to renew the certificate. They answer me that it is impossible to renew the certificate, but you can get "a new one" (new certificate).
Okay, got a new certificate from them. After signing programs with a new certificate, I found that SmartScreen swears at programs signed with a new certificate! And if you sign the old one, it perceives them normally.
What happens - now every year, when you receive a new certificate (cannot be renewed) - you need to promote it in SmartScreen (losing some of the users who will see a frightening message when downloading a program signed with this new certificate)? Or is there some normal option?