Today I found a workaround for this annoying issue. Unfortunately I cannot place a link to the relevant webpage here, but using a search engine a document can be found called "Signing a Mac package on Linux". on the wfu.edu homepage. The same steps work on OSX if you build the xar utility using MacPorts on Big Sur and the call that version using /opt/local/bin/xar. Additional requirements are a working .pkg to extract the certificates and a .p12 file of your certificate. Basically xar can be used to do the same thing as productsign but with backwards compatibility. This way we don't need to wait for a fix from Apple. It seems this problem in slightly different form was already present on 10.14 when targetting 10.6.8, but now it is affecting everything up to 10.11.