This isn’t true. Software can be installed and used without being through this process, if the user explicitly allows it.
Just as if I download some software that hasn’t come from a ‘store’ on Linux I check it out before using it and only set execute permission if I’m happy, I do the same on MacOS.
I was under the impression that any program with a hash that had not been seen yet must be first approved remotely by a central server before it is allowed to run:
Yes. I flip the switch to allow such software almost daily. Probably lots of others on this site do the same. If you have the chance to use MacOS then you can try this for yourself.
That means it is no longer a general-purpose computer, but an extension of Apple's cloud.