The relevant thing here is that the main weakness in MD5 requires both the "good" and "evil" versions of the message (or file) to be produced by the same party. It doesn't allow J. Random Attacker to swoop in and alter things that already exist. However, it would allow a hypothetical Evil Maintainer to pre-cook "good" and "evil" versions and swap between them without changing the MD5.