Even Windows has an integrated MD5 (or SHA for the matter) tool, it's just hidden inside a multi-tool binary: certutil.
Usage: certutil -hashfile <file> MD5
Where "MD5" is the algorithm to use (it uses SHA1 by default, so don't forget to append that). "<file>" is the full path name of the file to be checked.
Example:
certutil -hashfile "e:\PSUnreal-Windows-0.7.36.zip" MD5
It doesn't seem to be able to check against a supplied sum, so you have to compare the output manually. For anything other than maliciously modified files, looking at the first and last three bytes suffices and speeds things up a lot. To effectively combat maliciousness you really can't use MD5 in the first place, SHA256 would be minimum (better SHA512) because MD5 is prone to collision attacks.
Also, you would have to provide the checksum via a different method / website than the corresponding file, because if an attacker can modify the webpage to change the provided binary or the link to it, then it's trivial to modify the checksum to match that.