I threw in the towel and disabled SIP. After enabling systemextensionsctl developer on and adding a scheme that elides copying to /Applications/SysExtDev, I can confirm that everything works as expected, so long as I remove the system extension between runs. There must be some funky interaction between SIP and system extensions (and perhaps loading from /Applications) that I was getting caught in. For now I'll just keep developing with SIP disabled, but I'd love to make sure this issue sees the right eyes because it would be really nice to not have to disable SIP. Would it be appropriate to file this as a feedback?

Thanks for linking your helpful debugging thread. As I mentioned, I have already seen that thread and I believe I am currently following your advice. I am disabling and removing the system extension between runs of the application. The problem is that the system seems to simply flag the extension as needing to be removed, but doesn't perform that action until a reboot, or something along those lines, I’m not entirely sure. I believe I am following all the relevant advice and still hitting a wall. It’s super frustrating trying to develop this project because I can’t reliably get the system to install it. How can I escalate?

The system extension won't run until you press the Start button in the main app UI.

Add a user-defined setting called INSTALL_ROOT and set it to /.