Well MS rep was wrong this error is normal for a TPM 1.2 model for anyone wanting more info on this error check this out. so if you got this error Device Encryption Support Reasons for failed automatic device encryption: PCR7 binding is not supported, Hardware Security Test Interface failed and device is not InstantGo, Un-allowed DMA capable bus/device(s) detected, Disabled by policy, make sure you have a TPM 2.0 model and not a TPM 1.2 as the error is related to your TPM chip not beeing compatible see chart below. This is something new according to the page would explain why it use to be supported and is now not according to the page the changed it to TPM 2.0 going forward but kept some of the stuff compatible for older systems all new system will need TPM 2.0 is what i read and understand. Hope this helps others god bless all.

taken from TPM recommendations (Windows 10) | Microsoft Docs
TPM and Windows Features

The following table defines which Windows features require TPM support.
Windows Features TPM Required Supports TPM 1.2 Supports TPM 2.0 Details
Measured Boot Yes Yes Yes Measured Boot requires TPM 1.2 or 2.0 and UEFI Secure Boot
BitLocker Yes Yes Yes TPM 1.2 or 2.0 is required
Device Encryption Yes N/A Yes Device Encryption requires InstantGo/Connected Standby certification, which requires TPM 2.0.
Device Guard No Yes Yes
Credential Guard No Yes Yes Windows 10, version 1507 (End of Life as of May 2017) only supported TPM 2.0 for Credential Guard. Beginning with Windows 10, version 1511, TPM 1.2 and 2.0 are supported.
Device Health Attestation Yes Yes Yes
Windows Hello/Windows Hello for Business No Yes Yes Azure AD join supports both versions of TPM, but requires TPM with keyed-hash message authentication code (HMAC) and Endorsement Key (EK) certificate for key attestation support.
UEFI Secure Boot No Yes Yes
TPM Platform Crypto Provider Key Storage Provider Yes Yes Yes
Virtual Smart Card Yes Yes Yes
Certificate storage No Yes Yes TPM is only required when the certificate is stored in the TPM.