do-all-signing should clean up old signing attempts

So while signing 11.5a11-build2 ran into an interesting situation where the macOS signing scripts skipped notarization because the artifacts from 11.5a11-build1 were left behind, but we deployed to the same directory.

Alternatively, destination/working directory for signing should follow the tor-browser-build tag rather than the release version