On one side vCenter is aware of the additional Intel-Microcode features, which came for Spectre/Meltdown, but your BIOS/Microcode is not yet updated.
However, on the other side, all hosts are running the same BIOS/Microcode, so it's not really clear whether this is causing the issue.
Can you please try to create a new cluster, move the host to this cluster, and then try to enable EVC? Does this work?
André