
I think that currently this certificate is used in state organizations and I have to work with the Internet from there. Obviously VPN is not an option. I would hate to use IE instead of Firefox just because of that. I guess I would use some old version and prevent it from upgrading, but that's just stupid.

Also I really dislike that Mozilla wants to decide who I should trust. If I added that certificate, it's my business, not theirs. They should encrypt bytes and display HTML, not engage in foreign politics.



The problem with "Mozilla should trust the user" is that the threat model itself is users being forced, coerced, or tricked into installing the cert.

Presumptions of user autonomy, consent, or informedness are invalid.

Which means that the bypass process should be highly inconvenient.

I've addressed that separately in a direct response above -- might not be a solution for you, but it's the direction I'd look to. Alternatively, you could look for what Firefox's behaviour in the presence of locally installed certs would be, though as noted above, given the threat model, it largely shouldn't do that.

Keep in mind that a large chunk of Mozilla, Google, and Apple's stance here (and I suspect Microsoft will join them) is that this is a very bad practice of CAs or governments, as not only will the browsers flag this practice, but those certs and a lot of collateral damage will result. This is by all appearances deliberate and a strong message to not do that then, to any governments which are considering similar asshattery.

And failing to respond forcefully to such actions and threats risks compromising all trust whatsoever in the browser and CA models. Which are rickety enough as it is. So Mozilla, Google, and Apple most definitely have dogs in this fight as well.


Firefox is open source. You can change anything in the code instead of demanding that Mozilla compromises everyone's security for your particular case. All you need is 40 Gb of free space on HDD and 4 Gb or more of RAM if I remember correctly. And if you are working for a government organization, they probably have someone who can fix such issues.



