Background
CAST-5 is an older encryption algorithm used by GnuPG because AES didn't exist yet back in the time GnuPG was created initially source. It's not widely used (apart from GnuPG for compatibility reasons).
The WARNING: message was not integrity protected is because this feature isn't turned on by default at time of encryption. If this was turned on, GnuPG could tell if the file has been altered in transit.
Update: modern versions of GnuPG shipped with Ubuntu/Debian now have MDC enabled by default and you should never see this message again for anything signed with these newer versions.
Solutions
To use a stronger AES-256 you've got to specify it either on the command line or in your configuration file.
Command-line: add the --cipher-algo AES256 option so the full line to encrypt becomes
gpg -o myfile.gpg --cipher-algo AES256 --symmetric myfile
Configuration file (recommended): add the following line to your ~/.gnupg/gpg.conf configuration file.
cipher-algo AES256
I recommend this approach because it will be used for all future GPG operations on this user account.
There's nothing to change for the user to decrypt the file - GnuPG will detect this automatically.
Note that using the AES-256 cipher, the message is automatically protected for integrity. To manually enable the integrity protection on other ciphers for which this is not enabled (like CAST-5) add the --force-mdc option when encrypting.
Even better: sign!
An even better approach would be to sign your files with your keypair (if you have it). Just add the --sign option to the encryption command, like this:
gpg -o myfile.gpg --cipher-algo AES256 --sign --symmetric myfile
This will not only validate the integrity of the file, but also make it possible for the recipient of the file to verify the origin. Any alterations on the file would have the signature check to fail.
