I can suggest you to fetch your site in ssl scanner but I can not say that it is the best way to solve the problem you have but it works.
SSL scanner is a new tool to me, there doesn't seem to be anything obvious except at the bottom it says
unable to get local issuer certificate
the exception mentioned above should work if MWG is not happy with the certificate provided by the server. However "SSL Handshake Failed" is a failure that can happen before the checks for the certificate takes place. In SSL Scanner -> Handle CONNECT Request you find a rule "Tunneled Hosts". If you specify the host where your site is hosted in this list MWG will not try to intercept the connection, so that client and server basically perform the handshake directly. Otherwise the client will talk to MWG and MWG will make an independet SSL handshake with the server.
Maybe this would be a good approach to prevent MWG from touching anything.