Is there no way of doing this (apart from SCEPman cloud cert) without having an Ent CA?
That's correct. Microsoft NDES works only with Enterprise CAs, which in turn require a real Active Directory (not AAD).
Is the Ent CA required for certain fields in the cert template for Intune devices?
An Enterprise CA is necessary for both NDES itself and device certificates. Normally, SCEP clients generate minimalistic CSRs with a subject and a public key. They often do not specify additional information about the requested certificate. The certificate template is used to instruct the CA what extensions and other information to include in issued certificates.
as otherwise we were going to place the NDES on the same standalone server as the CA.
NDES won't work with a Standalone CA even if both are installed on the same machine.
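
The answer's point about minimal SCEP CSRs can be checked by listing the attributes a PKCS#10 request actually carries. The following is an added example, not part of the original answer: it walks the DER of a CertificationRequestInfo and reports attribute OIDs. The sample requests are constructed (placeholder key bits, hypothetical subject `device01`, and an assumed `challengePassword` attribute as commonly sent by SCEP clients).

```python
# Added example: list the attributes carried in a PKCS#10 CertificationRequestInfo.
OID_CHALLENGE_PASSWORD = bytes.fromhex("2a864886f70d010907")  # 1.2.840.113549.1.9.7
OID_EXTENSION_REQUEST = bytes.fromhex("2a864886f70d01090e")   # 1.2.840.113549.1.9.14

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def children(value):
    """Split the content of a constructed element into (tag, value) pairs."""
    pos, out = 0, []
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out

def csr_attribute_oids(request_info):
    """Raw OID bytes of every attribute in a CertificationRequestInfo."""
    tag, body, _ = read_tlv(request_info)
    fields = children(body)  # version, subject, subjectPKInfo, [0] attributes
    if tag != 0x30 or len(fields) != 4 or fields[3][0] != 0xA0:
        raise ValueError("not a CertificationRequestInfo")
    return [children(attr)[0][1] for _, attr in children(fields[3][1])]

def tlv(tag, *parts):
    """DER-encode one element (short-form length only; enough for the sample)."""
    body = b"".join(parts)
    assert len(body) < 128
    return bytes([tag, len(body)]) + body

def sample_request_info(with_extensions):
    """Constructed sample: placeholder key bits, no signature, hypothetical subject."""
    cn = tlv(0x30, tlv(0x06, bytes.fromhex("550403")), tlv(0x0C, b"device01"))
    rsa = tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d010101")), tlv(0x05))
    spki = tlv(0x30, rsa, tlv(0x03, b"\x00" * 9))  # not a real public key
    attrs = [tlv(0x30, tlv(0x06, OID_CHALLENGE_PASSWORD), tlv(0x31, tlv(0x13, b"example")))]
    if with_extensions:  # extensionRequest asking for EKU = clientAuth
        eku = tlv(0x30, tlv(0x06, bytes.fromhex("551d25")),
                  tlv(0x04, tlv(0x30, tlv(0x06, bytes.fromhex("2b06010505070302")))))
        attrs.append(tlv(0x30, tlv(0x06, OID_EXTENSION_REQUEST), tlv(0x31, tlv(0x30, eku))))
    return tlv(0x30, tlv(0x02, b"\x00"), tlv(0x30, tlv(0x31, cn)), spki, tlv(0xA0, *attrs))
```

When the `extensionRequest` OID is absent from the result, the request itself says nothing about EKU, SAN or key usage, so those values in the issued certificate come from the template.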