The size of zip package matches our full release package. It's hard to tell why you've got signature check error. Maybe downloaded file is incomplete or checking mechanism is not compatible somehow. You can download easy install package (*.ei.zip) and put it manually into your EPESI root dir. Then open update.php script.
That update script does it for you, but to be sure that's not a malicious package provided by man-in-the-middle attack we have to check signature. You should make sure that downloaded file is not corrupted - you should review checksum (md5 or sha1) - size only is not sufficient method.
Easy install package is the same as full release package, but it's without epesi-version-revision directory inside.