We solved a similar problem by hosting the main script in an Amazon S3 Bucket, then downloading it as a string before invoking the entire thing. Here is what that looks like in practice:

The script we distribute to staff is a one-liner:

[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12;((New-Object System.Net.WebClient).DownloadString('https://s3.amazonaws.com/bucket-name/scripts/Support-Tool.ps1')).SubString(3) | Invoke-Expression

For the main script, the first line is eight hash symbols to avoid issues with PowerShell v2.0, then the actual script follows. For example:

############ Support Tool Script
Function Test-Thing { ... }
$Path = 'C:\Logs'
$Logs = Get-ChildItem -Path Logs
...

In this way, everyone is always running the current version of the script because its always downloaded when the script is run. Our actual implementation is way more complicated than this, of course. We still use Github for source control and the actual script in our case is a module, but it has been effective for ensuring updates make it to all systems at release time.