It also said "Likely MITM" for me (Firefox on CentOS 7), but the SHA256 certificate fingerprint in the browser matches the one seen by Qualys (https://www.ssllabs.com/ssltest/analyze.html?d=mitm.watch), so at least in my case it seems to be a false positive.
