No, you can use your own CA for everything if you want. Though it can be a bit challenging to find out how ;). If you're not really familiar with the wonderful world of PKI i'd recommend taking a look at easy-rsa:
https://easy-rsa.readthedocs.io/en/latest/
Two gotcha's you might want to consider:
1. Import the CA certificate into ESET PROTECT ( / ESET Security Management Center)
2. When generating certificates, make sure agent certificates have the word "agent" in the CN, and server certificates have the word "server" in the CN.
Also, check out this help page: https://help.eset.com/protect_admin/latest/en-US/custom_certificates.html