Is it possible to verify that the output of an executable came from its unaltered control flow?

I suppose an executable could contain a key which signs its output, but that key could be extracted and used to sign other data. Is it possible to verify that the output of an executable is the direct result of its own unaltered (assembly) control flow?

that key could be extracted and used to sign other data

Correct. An attacker can extract the key and sign anything.

Is it possible to verify that the output of an executable is the direct result of its own unaltered (assembly) control flow?

Generally speaking, no.

It can be verified only in some specific cases. One approach can be to use signed executable (signed by its provider) which is running in a controlled environment. By verifying the signature you will be sure the code is not modified. By using controlled environment you will be sure that neither input nor output was modified, nor the code was modified when executable was loaded by operating system, nor the memory used by executable was modified by other process.

Generally speaking, in an uncontrolled environment (e.g. the OS can be modified), this is not possible. Whatever you come up with (verifying the machine code, checking for digital signatures, etc.) could just NOT be done by a copy of your software, and signing the output would still be possible.

Verifying that the actual code that is loaded and running is from a specific author can only be done by the OS (or system in general) without the possibility that it is forged by a third party.

And trusting this verification would only that the system itself can not be tampered with.

So no, i don't think that there is a practical way of doing this. The closest you come to such a closed system is maybe iOS/iPad OS. And at least I am not aware that there is such a system function available there. I even have searched for it before, because I would have found it pretty handy if, for example, iOS could sign a web request and include the app's manufacturer in the signature. To my knowledge, this is not possible, though. (Especially because even iPhones can be jailbreaked)

In an embedded (closed) system, on the other hand, where you can control every interface that can be used to load code, you could implement this yourself. This is as secure add the anti-tampering is, though. And add we know, this is never perfect.

On your average laptop or PC, however, I don't think it's possible.