the simple solution without having to install anything is to use certutil from Powershell

certutil -hashfile <file> SHA256

certutil support the following hash algorithms: MD2 MD4 MD5 SHA1 SHA256 SHA384 SHA512.

example (iLO4 firmware file for HP Proliant Server):

PS D:\DL380Gen9\iLO> certutil -hashfile cp053895.exe SHA256
SHA256 hash of cp053895.exe:
3a35573541ce44e6fadde844a0d2cb31a5bae2a55e701e2ce9d3e77c61c01d5e
CertUtil: -hashfile command completed successfully.
PS D:\DL380Gen9\iLO>

the corrosponding value from HP says that it should be (SHA-256 Checksum):

3a35573541ce44e6fadde844a0d2cb31a5bae2a55e701e2ce9d3e77c61c01d5e

This is a simple way to verify that the files you downloaded or got is acctualy the real deal.

see more here: https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/certutil