Hello folks,
I found an old topic where this was asked. Unfortunately, this remained unanswered at the time.
Here I found a solution to verify the download of Brave Browser.
- The Apple Siging Key from Brave is available here
“macOS
Our releases are signed with the Developer ID “Brave Software, Inc.”. Our Team Identifier is KL8N8XSYF4.”
- After you have downloaded the download from the official homepage AND installed the program, first check whether the program has the correct identifiers.
Open the terminal and enter the following code:
codesign -dv -vvv /Applications/Brave\ Browser.app/ 2>&1| grep Authority
Which should return:
Authority=Developer ID Application: Brave Software, Inc. (KL8N8XSYF4)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
If the identifier is correct, everything is good. If not, stop using it and delete it.
This is the only and best way I found after a long search. As I said, the topic here serves more as information for anyone who is looking for it.
P.S.: Nevertheless, it would be nice if Brave published a SHA256 key etc. on the homepage next to the download link. As many do, such as https://gpgtools.org. Especially if you are a browser having your own crypto wallet included. Just in case a dev is reading here… 
Hope this helps.
Greetings