I ended up solving the signing by signing the package once with my script which signs all files individually inthe right order and then afterwards signing it again with py2appsigner. Since it's working now I haven't spent more time analyzing why both steps were required. Thanks againg for the help everybody involved.

Thanks for your answer. I removed the files you mentioned and get the same positive output from codesign -vv, but it doesn't make any difference regarding the notarization process. I tried using Xcode for the signing, but it seems like it's not compatible with what Qt offers.

Thank you for your answer. I tried signing the files in ascending order, meaning so sign all files first, and the directory above it. Unfortunately no change in the result though. Is there a way to get more information about why the "Developer ID Certificate" is invalid?

Thanks for the provided links! Makes sense that the signing needs to be from the dependencies backwards. Regarding placing of the content, I think py2app does a good job with that. Especially the log states there is some signing happening already. Of course I can provide you with a copy, the project is open source anyway. Here is the zipped .app: http://dreisicht.net/share/renderrob.zip

Thank you for the helpful reply! I was trying to build my application with PySide6-deploy, which is putting all files into the MacOS subdirectory. After researching I ended up using Py2App, which follows the required folder structure. Providing only the top level MyApp.app/ directory path did not work, after getting a myriad of complaints of the notarization. Do I have to sign now every file individually? And is there a generally preferred tool for packaing Python based apps?