Why do you wish to change the CA used here exactly?
The key presented is signed by a Certificate Authority: the internal Check Point one.
As it is used for a lot of things (including VPN), the internal CA cannot be removed.
You also cannot replace the internal CA with an external one.
I know for site-to-site VPNs for third parties, you can specify which Certificate Authorities can be used for VPN.
That's done here:
To add a different trusted CA, you need to create an object for it:
Whether that works for Remote Access VPN is a separate question.
Even if you could, I don't believe it changes the end user experience at all (i.e. they'll still get prompted to validate the site certificate when they first connect).