Download of calendar failed. - PKIX path building failed

A self signed certificate is not less good than a bought one, if it is unique and verified. I would assume the uniqueness is properly solved by Synology as it’s a mass product and this would be a 10/10 CVSS Vulnerability and by importing it into the keystore manually, you are verifying it.