While I understand the issue, most of our testing artifacts are signed with an internal certificate. The reason is we want to avoid testing executables look too much like production ones. Using certificates which are valid only on the tests systems is one way to spot them easily. It also means less people need access to the production keys.
Of course the final round of testing needs to ensure everything is ok in the full production configuration, and usually the accounts used for the automated builds can't get past the company fw/proxies, and run with as few privileges as possible. There may be also the issues of using more than one build machine, with a single device we'll have to build a separate signing server.