1. They are still protected by that certificate, only avast users would see the avast certificate as to be able to scan https traffic it has to do that intercept. I don't believe there is a way/setting of removing the certificate, effectively you would have to disable all https scanning in the Web Shield customization settings (not for specific sites). That would leave you vulnerable to malware on https sites, just because they are https doesn't mean they are clean.
What Firefox and Avast version are you using ?
2. The setting is there, just that Asyn is using the German language version of Avast Premium.
See attached English Version of the UI > Settings > General > Personal Privacy.