It might be a bit difficult (but not impossible) to do that... the APK you download is not the APK that the developer uploads to the Play store. Usually, developers upload a "bundle," and then Google optimizes it by stripping out irrelevant media, i18n, etc., to deliver a smaller optimized APK to the end user.
So you can't just generate an MD5 of your APK and match it against the store description like the good old days when you could make sure your Linux ISO was legit, but there's probably some way to make it work?
EDIT: It might be possible to circumvent Google's bundling/optimizing by just uploading a regular old APK, but IIRC that was becoming more difficult these days. Unfortunately I'm not an Android dev expert.