@Elie K, Thanks for posting in Q&A. From your description, I know the device is not managed by Intune. But the Chrome was still blocked. In General, Intune settings are based on the Windows configuration service provider (CSPs). The behavior depends on the CSP. Some CSPs remove the setting, and some CSPs keep the setting, also called tattooing. It seems the setting is tattooing.
In general, we will first replace the existing policy with a new version of the policy that will "Allow *", like the rules in the example policy at %windir%\schemas\CodeIntegrity\ExamplePolicies\AllowAll.xml. Once the updated policy is deployed, then delete the policy from the Intune portal.
But as now, the device is already not managed. You can try the methods in the following link to remove the policy:
Hope the above information can help.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.