How is that going to work when most of the users are behind NAT/Firewalls? That's a connection model that just doesn't work well on the modern Internet.
I'm also kind of baffled by the need to install a Blizzard root cert in the cert store. That's normally only necessary for people who are too cheap to get their certs signed (Blizzard makes enough money to do this) or who want to MitM encrypted traffic from your host.
You're opening their website. JavaScript on their website connects to https://localhost:12345 and uses that connection to interact with battle.net software that runs on your PC. NAT/Firewall is not an issue. But that client software has to present a valid certificate for that localhost website. To do so, they generate that self-signed certificate at installation time and mark it as trusted, so browsers will accept it. There's no other way to do that, really (well, there's a way actually, but it requires signing some very non-standard agreements with certificate authorities, I know that Plex does that). Blizzard does not use that certificate to MitM your connection, because they don't send it back, it's generated, stored and used locally.
I don't like this practice either and I would opt out of that "feature" given the choice. I just used to develop similar software, so I understand why they did that.
Browsers require it. If you're establishing a connection from JavaScript that was loaded on an HTTPS website, you can't establish a connection to HTTP.
I've heard recently about some movement to allow HTTP connections to localhost, but I did not investigate that thoroughly. TLS should not be needed for localhost, that's true.
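Added example, not part of the thread: a simplified JavaScript model of the mixed-content decision discussed above, including the loopback exception from the W3C Secure Contexts "potentially trustworthy" rules. Function names are hypothetical, `example.com` is a placeholder, and browsers have differed between vendors and versions in how far they honour the exception.

```javascript
// Added illustration (not from the thread): simplified model of the
// browser rule discussed above. Function names are hypothetical.

// True for hosts the W3C Secure Contexts spec treats as loopback.
function isLoopbackHost(hostname) {
  const host = hostname.replace(/\.$/, ""); // tolerate "localhost."
  if (host === "[::1]") return true;        // URL keeps IPv6 brackets
  // The URL parser normalises IPv4 forms, so "127.1" arrives as "127.0.0.1".
  if (/^127\.\d{1,3}\.\d{1,3}\.\d{1,3}$/.test(host)) return true;
  // Match only whole labels: "localhost.example.com" must NOT pass.
  return host === "localhost" || host.endsWith(".localhost");
}

// Simplified "is this URL potentially trustworthy?" check.
function isPotentiallyTrustworthy(urlString) {
  const url = new URL(urlString);
  if (url.protocol === "https:" || url.protocol === "wss:") return true;
  if (url.protocol === "http:" || url.protocol === "ws:") {
    return isLoopbackHost(url.hostname);
  }
  return false; // file:, data:, about: are not modelled here
}

// Decide what happens to a fetch/WebSocket from pageUrl to targetUrl.
function classifyRequest(pageUrl, targetUrl) {
  // Mixed-content blocking only applies to pages loaded over HTTPS.
  if (new URL(pageUrl).protocol !== "https:") return "not-applicable";
  return isPotentiallyTrustworthy(targetUrl) ? "allowed" : "blocked";
}

// Constructed sample targets; port 12345 is the one used in the thread.
const page = "https://example.com/";
const targets = [
  "https://localhost:12345/",        // the local-agent design described above
  "http://127.0.0.1:12345/",         // plain HTTP to loopback
  "ws://[::1]:12345/",               // IPv6 loopback WebSocket
  "http://192.168.1.10:12345/",      // LAN host: ordinary mixed content
  "http://localhost.example.com/",   // look-alike name, not loopback
];
for (const t of targets) console.log(t, "->", classifyRequest(page, t));
```

Passing this check only means the request is not rejected as mixed content; an `https://localhost` target still has to present a certificate the browser trusts, which is the reason for the locally installed certificate described in the thread.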