It says right in there that they can’t see what you are sending or receiving, but seeing the SNI provides content on what you’re doing. Not seeing where it’s false at all.
Using that SNI header profile though if one was inclined and the site doesn’t enforce HSTS it would be simple enough to proxy traffic through their gateway, or to creating a phishing duplication of the site with a DNS redirect.