This happens because when you download an .EXE, .ZIP, or .CAB Internet Explorer (as well as Firefox and Chrome) saves what is called a Zone Identifier, telling the Operating System the file came from the internet and not a trusted zone. In certain deployments this can happen several times when a user logs in to load all of the applications into the system tray, some of them being igfxtray.exe, apmsgfwd.exe, apntex.exe, apoint.exe, gfxui.exe, hidfind.exe, hkcmd.exe, igfxpers.exe.
To get around this we need to remove the ZoneIdentifier, we can use a small utility from SysInternals to do it. Download Streams, copy it to your MDT or SCCM Server and run the following changing the path to a location containing your drivers;
streams.exe -s -d "E:\MDTDeploymentShare\Out-Of-Box Drivers"
Make sure you run that in an Administrative command prompt and accept the license agreement on the first run. Hope that helps.