To answer the question from the title: YES. Signing the packages guarantees the integrity of the packages and security of the repos and packages.
What has happened is probably a change in the gpg-key from Packman. Both your system and Packman should have the same key (a pair). There’s a Help section on their website, that explains how to download the gpg-keys so you can check them.
In this specific case I checked. If you want to use the Packman packages, accept and import the key by answering Yes.