I would suggest to open an SR for this.
I agree that an official OVA should not contain self-signed certificates.
And yes, the option to bypass the certificate check is missing on the cmdlet.
I would suggest to launch an idea for this at VMware PowerCLI
In parallel inform your TSA
