You could try overcome the problem Cloudflare vs (Company Name) by putting a prominent note in the top of page, near https lock in address bar:
Transaction is secured by Cloudflare, learn more...
This note also accents operation’s security explicitly.
In my practice of observing (not massive though) non-tech users, they are not paying attention to the https at all, their attention is inside the page. I remember only a case when SSL certificate was expeired and browser showed appropriate message which broke task flow and rised question from user.