This is driven by the alternate data streams. Windows flags files as potentially untrusted if they have been downloaded (for example) from the internet zone and will disable execution.
As a side note, Sysinternals provide a free tool called 'streams' (via Microsoft) which allows you to remove (including recursively) all alternate streams from a file / directory.
As a second side-note, the reason Windows does this is because it's a fairly simple way to construct a trojan or virus. As discussion on this briefly here.
In 2009, the alternate data stream was used by a click fraud Trojan named FFSearcher. It used the stream name “Zone.Identifier” which is a stream name that Microsoft uses to mark executable files downloaded by Internet Explorer. Instead of a simple zone identifier however, the Trojan implanted a DLL file that contained the Trojan’s code.