The documentation instructs to uncheck the 'require application add-ins to be signed by trusted publisher' setting in Project. However, this setting is read only in my environment. Is it possible to leave this box checked, and instead install a certificate for this plugin?

Release : 15.7.1

Component : CA PPM Microsoft Project Interface

Yes, the certificate can be extracted from the setup.exe typically found under a path similar to: C:\Program Files (x86)\CA\PPM\CA PPM MSPInterface\addIn. The certificate can then be found under the Details button on the Digital Signatures tab when right clicking on this file. Once the certificate is extracted, it can be installed on the user's machines and trusted.