Thanks for persevering with this and getting in touch.
If you have an Adobe AIR certificate you should be able to use this, but with some certificate issuers there can be problems with the ordering of the certification chain inside the certificate file itself.
If you are on Windows, the easiest way to resolve this is to import it and then re-export it (unfortunately it's quite a bit more complicated on Mac).
Firstly, double-click on your P12 file to import it into your certificate store.
Then, in Internet Explorer, go to Internet Options, click on the Content tab and then Certificates.
Find the signing certificate you just imported (probably listed under Personal), click on it and then click Export.
A wizard will appear - select "Yes, export the private key", and when asked to select a format choose PKCS #12 (.PFX). Check the box "Include all certificates in the certification path if possible", and then choose a password.
The exported PFX file can be renamed to P12 to use with ZXPSignCmd, UCF.jar or Extension Builder (along with your new chosen password).
Alternatively - if you want to use your self signed certificate, the "untrusted" warning dialog you're seeing will not appear if you're only distributing your extension via Adobe Add-ons (or Adobe Exchange www.adobeexchange.com). It's only really necessary to use a commercial signing certificate for distributing your ZXP through other channels.
Thank you so much Fraser! It finally works!