1. Hashes don't "sign" things (not directly anyway)
2. Hashes aren't unique in theory or practice (using a 256-bit hash on every 257-bit number will generate 2^256 collisions by the pigeonhole principle).
Suppose every person generates 1 billion files a second * 7 billion people * 1,000 years = ~3x10 ^ 28 call it 10^29. For a collusion among non identical files using a good 256 bit hash you get ~1/(2^256) * (10^29) * (10^29) = ~1/(2^198).
Or 1 chance in ~4 * 10 ^ 59 of finding even one collision.
Your math is off a bit[0][1] but you're right, it's a vanishingly small probability of a single collision. This is fairly academic though, when you're talking about an adversary exploiting weaknesses in the algorithm itself, and not a perfect PRF.
1. Hashes don't "sign" things (not directly anyway)
2. Hashes aren't unique in theory or practice (using a 256-bit hash on every 257-bit number will generate 2^256 collisions by the pigeonhole principle).