I agree, you don't need to make the witness appliance highly available, I assume it will be supported anyway. The question is just to be aware of the implications and risks of the design decision to keep all the witnesses on one ESXi host. For example, if the witness host goes down, all your VMs in all three clusters will stop being protected (as the max protection you can achieve in any of your clusters is FTT=1), and they will stay unprotected until you managed to get the host (and all the witnesses) back up again. If no one were around to fix it or if you needed to order hardware to get the host back up, the VMs might stay unprotected for a long time. If you for instance had any disk failure on any of the hosts in any of the vSAN clusters at this time, some vSAN objects would most likely be unavailable and the VMs would go down. Having a spare host would definitely help mitigate against this problem, as you could possibly manually move the witnesses on this host, but it will obviously require someone to do this. Having the witnesses in an HA cluster would mitigate against the problem of no one being around to do the manual task.
I'm surprised that the witnesses are unsupported on the other ROBO or stretched clusters. These are just critical VMs running in a vSphere cluster, and have nothing to do with the clusters they run in. I would almost think that whoever said it was unsupported assumed that you would run the witness appliance in the same vSAN cluster that the witness is part of (I assume that would be unsupported). I'm not sure about this though and accept that VMware explicitly might have made this unsupported, might be worth double checking though.
