My experience is that the Avast installation process will install its Trusted Root certificate if the "web scanning" option is enabled (which is the default) during installation. Even if Avast browser extensions are disallowed, and even if the web scanning feature is later turned off, the Trusted Root Certificate will still be there and will still be utilized.
As noted in the comments of the accepted answer on SE, this is not necessarily a security problem as long as the certificate is unique on each PC. But to me, in order for this whole Antivirus-MITM scheme to be secure, the AV vendor has to get a lot of things right. If the certificate generation during AV installation is flawed (say, with a weak RNG), then it could easily be exploited to perform MITM on anyone with the flawed certificate in their trusted root store.
