Good question !
And the answer is not always, see if browser like Chrome is using QUIC then possibly it will not intercepted by AV, that is one case.
Another case, it could be the AV had changed something in the request or the response header and violated the authentication.

In general AV with such enabled behavior intercept the traffic will not be changed or altered, but sometimes (not always) the connection belongs to some software that utilize protection against that like Signal, it will not allow such interception, like many social application, i did such protection in few projects by adding custom TLS extension as extra authentication between server-client, so even when using a certificate, my server/client connection can be checked against such interception, that about protection from an application side, there is another case where the AV insert a header declaring that the HTTP traffic had being inspected, this might lead also to violation in header signature if it was used.