Any way I can get certificates for my scenario?

This isn’t about whether root is able to bind to the port (i.e. permitting any port < 1024), but rather about firewall policies in general.

It’s an application of the rule of least surprise. A network administrator might add a firewall rule allowing the mail team to listen on port 143 (IMAP). It would be surprising, and therefore a possible violation of their security policies, if that would suddenly allow the mail team to acquire a certificate for their domain name. Misissuance is one of the worst things that can happen to a CA, and it makes sense to be conservative here. If the same network team allows someone to listen on port 80 or 443, however, that’s fair game as 1) whoever listens on that port can already change website content, so is essentially “in control”, and 2) it is similar to how CAs have been determining ownership in the past 5-10 years, so it should not surprise anyone.

I see little reason to change this behaviour given that there are challenge types that do not suffer from this limitation at all. You are, of course, free to raise your concerns on the ACME mailing list, which is where the ACME working group is discussing changes to the current ACME draft that Let’s Encrypt implements.
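To make the contrast between the port-bound and port-free challenge types concrete, here is an added example (not code from the post above, nor from Let's Encrypt or the ACME working group) that computes what a client must publish for the same challenge token under HTTP-01 versus DNS-01, following RFC 8555 section 8.1 (key authorization), 8.3 (HTTP-01), 8.4 (DNS-01) and RFC 7638 (JWK thumbprint). The account key, token and domain are constructed sample values, assumed for illustration only; the key is not a real P-256 point.

```python
"""HTTP-01 vs DNS-01 challenge responses for one ACME token (added example).

HTTP-01 requires something to answer on port 80 at a well-known path; DNS-01
requires no inbound connection at all, only a TXT record. Both derive from the
same key authorization string, so the difference is purely where it is published.
"""
import base64
import hashlib
import json

def b64url(data: bytes) -> str:
    """Unpadded base64url as used throughout ACME (RFC 8555 section 5)."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

# Constructed sample account key (public JWK). The coordinates are filler bytes,
# NOT a valid curve point; they exist only so the thumbprint logic can run.
SAMPLE_ACCOUNT_JWK = {
    "kty": "EC",
    "crv": "P-256",
    "x": b64url(b"\x01" * 32),
    "y": b64url(b"\x02" * 32),
    "kid": "https://example.test/acme/acct/1",  # extra member, must NOT affect thumbprint
}

# Assumed token; the CA supplies the real one in the challenge object.
SAMPLE_TOKEN = "evaGxfADs6pSRb2LAv9IZf17Dt3juxGJ-PCt92wr-oA"

# RFC 7638 section 3.2: the thumbprint input contains only the required public
# members of the key type, sorted lexicographically, with no whitespace.
REQUIRED_MEMBERS = {"EC": ("crv", "kty", "x", "y"), "RSA": ("e", "kty", "n")}

def canonical_jwk_json(jwk: dict) -> str:
    members = REQUIRED_MEMBERS[jwk["kty"]]
    return json.dumps({k: jwk[k] for k in members}, sort_keys=True, separators=(",", ":"))

def jwk_thumbprint(jwk: dict) -> str:
    """RFC 7638 thumbprint: base64url(SHA-256(canonical JSON))."""
    return b64url(hashlib.sha256(canonical_jwk_json(jwk).encode("ascii")).digest())

def key_authorization(token: str, jwk: dict) -> str:
    """RFC 8555 section 8.1: token || '.' || base64url(JWK_Thumbprint(accountKey))."""
    return f"{token}.{jwk_thumbprint(jwk)}"

def http01_response(domain: str, token: str, jwk: dict) -> dict:
    """What must be served, and where, for HTTP-01 (RFC 8555 section 8.3).

    The CA's initial connection is to port 80 of the domain; the body is the
    key authorization. Whoever can bind port 80 here can pass the challenge,
    which is exactly the point the post above makes.
    """
    return {
        "url": f"http://{domain}/.well-known/acme-challenge/{token}",
        "port": 80,
        "body": key_authorization(token, jwk),
    }

def dns01_response(domain: str, token: str, jwk: dict) -> dict:
    """What must be published for DNS-01 (RFC 8555 section 8.4).

    TXT record at _acme-challenge.<domain> holding base64url(SHA-256(keyAuthz)).
    No listening socket on the host is involved, so firewall port policy is moot.
    """
    digest = hashlib.sha256(key_authorization(token, jwk).encode("ascii")).digest()
    return {"name": f"_acme-challenge.{domain}", "type": "TXT", "value": b64url(digest)}

if __name__ == "__main__":
    for name, resp in (("HTTP-01", http01_response("example.test", SAMPLE_TOKEN, SAMPLE_ACCOUNT_JWK)),
                       ("DNS-01", dns01_response("example.test", SAMPLE_TOKEN, SAMPLE_ACCOUNT_JWK))):
        print(name, json.dumps(resp, indent=2))
```

Note that the `kid` member is deliberately present in the sample key: a common client bug is hashing the whole JWK object, which yields a thumbprint the CA will never accept. The canonical form must contain only the required members in sorted order.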