Yes, this is the standard message from the Sandbox mechanism, for any app not downloaded from the AppStore or otherwise "signed". As noted, this "protection" (which we would have to pay for) does not extend to command line tools, which might lead one to suspect this is as much a marketing tool as a serious attempt to protect users. The only practicable solution at present is to got to Preferences->Security... and enable "allow .. from anywhere".