wp_signon()
actually already calls wp_set_auth_cookie()
which is the function that sets the “remember me” cookie, hence you don’t need to manually call that function.
And that (wp_set_auth_cookie($user->ID)
) is actually the problem in your code, because it’s overwriting the “remember me” cookie that was already set.