Thanks @myron song , this is what we found:
Conditional access policy was applied because the Zoom app calls Windows Azure Active Directory and a policy has been applied to this resource
The request was subject to policy enforcement due to matching the following policy conditions: Application, Users, Devices
00000002-0000-0000-c000-000000000000 is Windows Azure Active Directory. Please reach your CA admin so he can confirm if this is the correct outcome. The policy applied is NYeC-Z* with Id 28b62a1c-2* (characters hidden for the sake of confidentiality).
--
Please let us know if this answer was helpful to you. If so, please remember to mark it as the answer so that others in the community with similar questions can more easily find a solution.