It's really not that hard, it takes a bit of time to set the whole thing up for the first time, but after you are done, verifying signatures takes just a few clicks. I use Kleopatra on Windows and it's pretty simple.

But verifying developer's signature doesn't guarantee a 100% security, there's always a small chance that developer has gone rogue or got hacked themselves and their keys were stolen - to cover situations like that, it's always wise to check for such problems on public media first.