If apps refuse to run on graphene it's not because of graphene's content it's just a question of whether the attestation is recognised. It's not signed by Google.
I guess one reason you'd want to avoid that is that makes it harder to e.g spoof your location or falsely tell the app that screenshotting is disabled.
It's mostly preventing apps to be botted . As each device has its own certificate and can be banned exclusively, if it's google certified. This certificate( also called keybox/keybox.xml) is stored in the secure enclave in the device.
If you want to dive deeper you can checkout droidguard/play integrity.