Hi Aboo,
Irrespective of the certificate source, it should have certificate signing power. i.e CA power. Well known CAs won't give you a cert with SubCA power due to security as well as Business reasons. This is the reason why it is required to create a cert locally either on proxy or on local CA server.
Also having this certificate trusted by browsers/applications is one requirement in SSL Interception. This is not just with ProxySG. Applies any device which uses local certs for SSL Interception.