Hi,
After research, I found below setting can prevent the self-signed certificate generation. But it will generate 1057 error in your system event log. If you do not mind this, you can have a try.
Open Regisrtry Editor > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations > set the value of "SelfSignedCertStore" to "NUL"
Thanks,
Eleven
If the Answer is helpful, please click "Accept Answer" and upvote it. Thanks.