Disabling HSTS for managed browsers
You're conflating a few different things here, and I suspect it's leading you to some false conclusions.
- HSTS ("HTTP Strict Transport Security") is (only!) about mandating that HTTPS is used for connections to specified sites. It doesn't enforce anything about which keys, certs, etc. are used to authenticate the connection.
- Public Key Pinning specifies that, if an HTTPS connection is established to a given name, the certificate chain must include one of a given whitelist of public keys, else the connection is considered invalid.
Since HTTPS inspection is (unfortunately) a widely-deployed practice, the general practice amongst browsers is that certificate chains which end in a locally-installed root CA certificate are exempted from public key pinning checks. I've found a statement from Chrome's Adam Langley on Chrome's behaviour (the section "What about MITM proxies, Fiddler etc?"), but my experience is similar for other browsers.
I'm fairly confident that the problem indicated in your screenshot isn't that the browser is getting hung up on a pin, but rather that it is failing to recognise the certificate as chaining to a trusted CA certificate at all. That will trigger an HSTS failure, because "using HTTPS" is more correctly specified as "using properly-secured HTTPS including secure ciphers and a trusted certificate for authentication". I would suggest double-checking that the MitM proxy's root CA certificate is installed correctly and recognised as valid by the browser(s) in use.
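
The distinction drawn in the answer above, as an added example that is not part of the original answer and not any browser's code: a simplified Python model of the three checks (trusted chain, local-anchor exemption, pin match). The `Cert` type, the `evaluate` function, the check ordering, and all names and keys are assumptions constructed for illustration.

```python
import hashlib
from dataclasses import dataclass

@dataclass
class Cert:
    subject: str
    spki: bytes  # constructed stand-in for the DER SubjectPublicKeyInfo

def spki_pin(cert):
    """SHA-256 over the public key info: the value a pin is compared against."""
    return hashlib.sha256(cert.spki).hexdigest()

def evaluate(chain, builtin_roots, local_roots, hsts, pins):
    """Model of the connection decision (hypothetical helper, assumed ordering).

    chain is leaf first, root last. builtin_roots are anchors shipped with the
    browser or OS; local_roots are anchors an administrator installed.
    """
    root = chain[-1].subject
    if root not in builtin_roots and root not in local_roots:
        # Not a pinning problem: the chain has no trusted anchor at all.
        # With HSTS the certificate error cannot be clicked through.
        return "blocked: untrusted chain (HSTS)" if hsts else "warning: untrusted chain"
    if root in local_roots:
        # Locally installed anchors are exempt from pin checks.
        return "ok: local trust anchor, pin check skipped"
    if pins and not any(spki_pin(c) in pins for c in chain):
        return "blocked: pin mismatch"
    return "ok"

# Constructed sample certificates (byte strings stand in for real keys).
PUBLIC_CA = Cert("Public Root CA", b"public-ca-key")
OTHER_CA = Cert("Other Public Root CA", b"other-ca-key")
PROXY_CA = Cert("Corp Inspection Root", b"proxy-ca-key")
SITE = Cert("www.example.test", b"site-key")
PROXY_LEAF = Cert("www.example.test", b"proxy-minted-key")
BUILTIN = {PUBLIC_CA.subject, OTHER_CA.subject}
PINS = {spki_pin(PUBLIC_CA)}  # the site pins its usual CA

def scenarios():
    local = {PROXY_CA.subject}
    return {
        "direct": evaluate([SITE, PUBLIC_CA], BUILTIN, set(), True, PINS),
        "misissued": evaluate([SITE, OTHER_CA], BUILTIN, set(), True, PINS),
        "proxy_ca_missing": evaluate([PROXY_LEAF, PROXY_CA], BUILTIN, set(), True, PINS),
        "proxy_ca_missing_no_hsts": evaluate([PROXY_LEAF, PROXY_CA], BUILTIN, set(), False, PINS),
        "proxy_ca_installed": evaluate([PROXY_LEAF, PROXY_CA], BUILTIN, local, True, PINS),
    }

if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name:26} {result}")
```

The `proxy_ca_missing` row is the situation the answer suspects: the failure appears before any pin is consulted, and installing the proxy root moves the same chain to `proxy_ca_installed`.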