It'll work on any device that supports SHA2 signed certificates where the ISRG *or* the IdenTrust root is present. Any devices that don't support SHA2 signed certificates are outdated - SHA1 has been known to be weak for about a decade and these certs are
deprecated.
The devices it doesn't work on should be replaced with something less ancient.
Source for this claim? Sounds like a pretty crappy ACME client implementation if this is indeed true - and in any case you can always do it manually - I'm very sure this isn't a problem with Let's Encrypt. Once properly set-up with the webserver I cannot see how cPanel can be impacted by the CA you happen to use.
Yup, Let's Encrypt is free because Mozilla, the EFF and
other sponsors wanted to make TLS accessible and easy to automate. It's not because, as you seem to insinuate, the service is of a poor quality. Indeed, Let's Encrypt has a better security track record than commercial CAs such as
Symantec,
StartCom and WoSign! Furthermore the ACME protocol is an open standard and has been scrutinised by many professionals to ensure the domain ownership verification process is secure.
I think the term you're looking for is "EV".
----------
I'd suggest doing some more reading on the ACME protocol and Let's Encrypt.