"it'll be noticed by others."
No, if I were a government agency and I'm doing MITM for specific targets, I wouldn't do a blank replacement of certs for everybody - I would specifically target only the "people of interest" - exactly to avoid easy spotting.
Again, how many do check the chain of trust of a certificate? Pinning could help, but it has its disadvantages, and Chrome removed it, while MS never used it. And if badly implemented, it's still vulnerable: