Since multiple other tools validate these two documents without any issue ...we may think that's an adobe reader bug.

In particular as Adobe Acrobat is itself is torn:

This is not an Adobe bug, it's a feature. (And an iText bug)

When Adobe performs the cryptographic validation, it will also perform additional checks to see if a signature was attacked or not. It analyses several suspects and if that analysis turns out negative, Adobe will show you an error message. This is Adobe misreporting the analysis and validity. However, there is a work around for these hidden requirements.

First of, iText was used in non-append mode to modify the document:

Unfortunately, in specific cases iText 7, when used in non-append mode, introduces changes that are disallowed by the specification. The issue is that iText introduces subsections. That is something the specification allows you to do, but this is explicitly disallowed for the first revision:

Section 7.5.4 Cross-Reference Table [...] For a file that has never been incrementally updated, the cross-reference section shall contain only one subsection, whose object numbering begins at 0. [...]

Below you'll find the xref of the first revision after iText was used in non-append mode, every colored rectangle is a new subsection. To be compliant there should only be one rectangle.

This will be fixed in the upcoming 7.0.4 release, planned for end of July.