An attempt to install/use the PAM client on MAC OS 10.15.7 fails will error
"CAPAMClientInstall2.app can't be opened because Apple cannot check it for malicious software.
This software needs to be updated. Contact the developer for more information."
Apple added a notarization requirement, standard in the new Big Sur release already, to the latest versions of Catalina (and Mohave).
Release : 3.4
Component : PRIVILEGED ACCESS MANAGEMENT
PAM Engineering updated the PAM 3.4.3 client installer for MAC on April 16. 2021. The new version can be downloaded from https://d21oi5tjuccwe.cloudfront.net/ca-pam/install/mac/CAPAMClientInstall_V3.4.3.zip, and will be downloaded automatically when a user connects to a PAM 3.4.3 server from a MAC desk/laptop and chooses to download the MAC client installer.
If you are using a private delivery network , see page https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/privileged-access-manager/3-4-3/deploying/deploy-the-pam-client/use-a-private-delivery-network-to-distribute-the-client-installer.html, make sure to update this file on your file server.