Final Windows and Mac installers are digitally signed by The Bitcoin Foundation. (Note that The Bitcoin Foundation is not actually strongly associated with Bitcoin development -- it is just convenient for them to sign the releases.) On Windows, you can check this by right clicking the installer, choosing properties, and then going to the Digital Signatures tab. Check that it is signed by The Bitcoin Foundation, Inc..
Prerelease versions are generally not signed.
Actually they are. The signatures are included in detached form at
https://github.com/bitcoin-core/bitcoin-detached-sigs. These are combined with the unsigned versions to create signed versions. This is done for every single version, including prereleases.
Note that the digitally signed installers cannot be verified in this way because you would need to know the private key of the digital signature signing key in order to reproduce the installer.
Same thing as above.
Also, for verifying gitian signatures, all of the keys used by everyone who has built gitian binaries is located at
https://github.com/bitcoin/bitcoin/tree/master/contrib/gitian-keys