That often occurs when the URL schemes of the apps are intertwined, because MDCA's App Catalog works based on URLs. If you look at the domain property of the Power Apps app in the catalog, you will see the URL patterns that it considers a match for that app. (Screenshot below.) Cloud app discovery is based on web log data which gives the URL accessed, not the app ID, which is in the identity plane. The result is that if you block an app like Power Apps with MDCA and MDE integration, for example, it will block all access to URLs matching that pattern.
