No, you have not really understood how the roles system works.
.../db/access.php just defines what capabilities exist. The bit above in yellow really only tells Moodle that there is a capability called'mod/certificate:view'. The rest is just details.
You will see that $mod_certificate_capabilities is an array. You can define as many capabilities as you like by adding more elements to the array.
When a plugin is installed or upgraded, the list of capabilities is loaded from .../db/access.php and stored in the database
Admins control which users have which capabilities by going to Admin -> Users -> Permissions -> Define roles in the Admin UI. (Some of the yellow details above are about setting the defaults for those admin settings.) The other things that affect what a user can do are what role assignments they have, and whether there are any role overrides.
The place to put code like has_capability('mod/certificate:viewmycertificatesreport', get_context_instance(CONTEXT_SYSTEM)) is the place where it currently says is_primary_admin, and Kaalgat - told you to change it.
However, if you are not very confident messing with PHP code, it may be better to wait for the maintainers of this bit of code to make the necessary changes, and release an updated version of the module.