Its a first party Microsoft app:
Im guessing its the same logic Azure uses for iden protection and because you arent using a CA policy it responding with MFA prompts. I would recommend those user reset their passwords and think about moving to a passwordless MFA auth scheme as well
https://learn.microsoft.com/en-us/entra/id-protection/overview-identity-protection