As soon as chrome finishes the download I get a message:

dangerous, so Chrome has blocked it.

message on the downloaded file. I have not gotten this in the past.

Maybe your site has been hacked?

Is there a md5 or sha1 hash that I can use that has a gpg signing that I can trust came from the developers?

I've seen this with other open source software.