Please use the latest version of signtool for this process. 'signtool' available in Windows 8.1 SDK or Windows 10 SDK should be good. 

1. Download the Comodo cross-signed CA that matches your Code Signing certificate's Root CA.
   
   
2. Open an elevated Windows command prompt (cmd) and run signtool.exe:
   
   signtool.exe sign /v /p <your PFX password> /ac "CROSS_SIGNED_COMODO_CA_HERE" /f YOUR_PFX_HERE /tr http://timestamp.comodoca.com/rfc3161 "FULL_PATH_TO_FILE_TO_SIGN"
   
   Example: signtool.exe sign /v /p <your PFX password> /ac "addtrustexternalcaroot_kmod.crt" /f my.pfx /tr http://timestamp.comodoca.com/rfc3161 "C:\myfile.dll"

Note: For most customers CROSS_SIGNED_COMODO_CA_HERE can be downloaded from here:

https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/962/0/kmcs-addtrust-external-ca-root

OR (for newer RSA/SHA256 Certificates)

https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/963/93/kmcs-comodo-rsa-certification-authority

Related Articles:

• Time Stamping Server
• Signing Microsoft Windows 64-bit Kernel-Mode drivers