There is no way to contact everyone who uses, or intends to use, Electrum - there is no database of users, in-wallet messaging service, or email sign up. The best that can be done is to give clear instructions on the site, which is already done. On the landing page it says to verify the signature, and on the download page there is a box which explains why you should verify signatures, and provides links to various tutorials...
I agree with you, but I was not talking only about Electrum wallet but rather had in mind a much bigger picture. What I mean is that we should try to inform people (best we could) to develop a habit, to check every signature of the downloaded file using PGP, especially when it goes to programs with sensible data, but not only of course. The best outcome would be when literally every download will be checked. This is exactly, as it was with VirusTotal, at some point, I started to scan almost all URLs, files, downloads which were new or seemed suspicious to me. So far I was never hacked or don't know about it.