The information from the MSIEXEC log suggests that there is a problem with an intermediate cert (in the chain-of-trust). Digicert has confirmed that our EV Code Signing cert is valid. This has been working fine on Win 10, and continues to work fine with Win 11 Retail. But among our users who have Win 11 Insider Preview installed, some (not all) of them are affected by this.
Despite lots of effort, we've been unable to reproduce this in a Win 11 Insider Preview test environment, so we've had to rely on verbose MSIEXEC logs from cooperative users, and those don't specifically identify the intermediate cert that is missing or failing to validate. So far, I've been unable to find any common factor in the system information provided by the affected users.