In order to check the signature of the iso, you first have to import the Qubes Master Signing Key (Key-ID 0xDDFA1A3E36879494) and the Qubes OS Release 4 Signing Key (Key-ID 0x1848792F9E2795E9) into your public keyring. Then, sign the Master Signing Key with your own private, specifying full trust (level 4). You could do this using the Kleopatra GUI or via the commands
gpg --sign-key 0xDDFA1A3E36879494
and
gpg --edit-key 0xDDFA1A3E36879494 and selecting subcommand trust
Then verify the signature of the iso via the context menu entry Decrypt and verify, applied to the file Qubes-R4.1.0-alpha20201014-x86_64.iso.asc, which must be stored in the same directoy as the corresponding iso file Qubes-R4.1.0-alpha20201014-x86_64.iso. This context menu entry should be available if gpg4win was installed with the GPGex option.
Alternatively, you could verify the signature via the command
gpg --verify Qubes-R4.1.0-alpha20201014-x86_64.iso.asc Qubes-R4.1.0-a lpha20201014-x86_64.iso
which should give a result similar to the following:
gpg: Signatur vom 14.10.2020 12:22:46 Mitteleuropõische Sommerzeit
gpg: mittels RSA-Schlüssel 5817A43B283DE5A9181A522E1848792F9E2795E9
gpg: Korrekte Signatur von "Qubes OS Release 4 Signing Key" [vollständig]