Running apparmor inside an unprivileged container is perfectly fine, apparmor supports namespacing for this reason and the profile you show above confirms your system supports namespacing (LXD applies a base profile, then stacks unconfined on top and your container is then free to load its own profiles).
Most likely your issue is a bug in the AppArmor init scripts in Debian which fail to detect a container environment where AppArmor would work properly.
Can you try say images:ubuntu/20.04
for a test container and see if installing apparmor in there behaves properly? If so, then the issue is definitely with the apparmor package at least in that particular Debian release.