A signature shouldn't be incorporated with the ZIP document, it very well may be a "withdrawn" signature. So you could have the zip and enable somebody to check the sig, which is normally only a progression of hex or base64 characters, out of band with an application you compose.
AsymmetricAlgorithm privateKey = certificate.PrivateKey;
byte[] buffer = Encoding.Default.GetBytes(<data from the zip>);
byte[] signature = privateKey.SignData(buffer, new SHA1Managed());
and verification
AsymmetricAlgorithm privateKey = certificate.PrivateKey;
byte[] buffer = Encoding.Default.GetBytes(<data from the zip>);
byte[] signature = privateKey.SignData(buffer, new SHA1Managed());
hope this helps you try this code
Thanks!!