Nobody can help you to set a publisher which can be verified unless you address to some certificate authority: http://en.wikipedia.org/wiki/Certificate_authority
This will cost money though.
Most likely, you used self-signed certificate. This is fine if it is used by some person who knows you (for example, a member of your development team) and who received a public key or public key token independently from you. Then you have a reliable way to confirm that the MSI is signed by you and not by some malicious artist, because only you posses the private key you obtained while creating the certificate. This is the whole idea.
This is not the case if the user of MSI is the regular uses. For such person, both you and some malicious artist who could spoof you Web site (for example) could equally be an original author. For that reason, the system of certificate chains has been created.