
Surely the phone notices that the root certificate is not one of those it already knows about?


All the device knows is that it trusts some root CAs and not others. You add your personal root CA to the trusted list; so it's trusted.

Unless the site uses some kind of certificate pinning (cf. HPKP), one trusted root is as good as another.

This is how TLS inspection is done on corporate networks. IT will apply a group policy that puts a company-owned root certificate into the trusted roots on your Windows machine - maybe the same one that's used for the rest of your internal PKI.

You then issue a subordinate CA from that root, and your web proxy infrastructure (Bluecoat or whatever) then uses that CA to do just-in-time provisioning of certs for whatever domains you're intercepting.


The phone doesn’t, as the sibling comment mentions, but the app might (if it’s doing certificate pinning).
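The two points above (the trust store is the only thing deciding whether an interception chain validates, and an app-level pin catches the substitute leaf anyway) can be reproduced end to end with openssl. The script below is an added example, not code from any commenter or from a real proxy product: it builds a stand-in "public" chain for example.com and a "Corp Root CA" with a "Corp TLS Inspection CA" below it that issues a just-in-time example.com leaf, then checks both chains against each root and computes the HPKP-style SPKI pin for each leaf. All CA names, file names, serials and the domain are made up for the demo.

```shell
#!/bin/sh
# Constructed demo (not from the thread): a public CA chain for example.com and
# a corporate "TLS inspection" chain that issues a look-alike example.com leaf.
# Shows (1) chain validation depends only on which root is in the trust store,
# (2) an HPKP-style SPKI pin catches the substitute leaf anyway.
set -e
WORK="$(mktemp -d)"
cd "$WORK"

# Minimal req config so the demo does not depend on the system openssl.cnf.
cat > req.cnf <<'EOF'
[ req ]
prompt = no
distinguished_name = dn
[ dn ]
CN = placeholder
EOF
# Extension profiles: one for sub-CAs, one for a server leaf with a SAN.
printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign,cRLSign\n' > ca.ext
printf 'basicConstraints=CA:FALSE\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth\nsubjectAltName=DNS:example.com\n' > leaf.ext

# make_root PREFIX CN: self-signed root CA (the cert IT pushes via group policy).
make_root() {
  openssl ecparam -genkey -name prime256v1 -noout -out "$1.key"
  openssl req -config req.cnf -x509 -new -key "$1.key" -subj "/CN=$2" -days 3650 \
    -addext 'basicConstraints=critical,CA:TRUE' \
    -addext 'keyUsage=critical,keyCertSign,cRLSign' -out "$1.pem"
}
# make_csr PREFIX CN: fresh key pair plus CSR.
make_csr() {
  openssl ecparam -genkey -name prime256v1 -noout -out "$1.key"
  openssl req -config req.cnf -new -key "$1.key" -subj "/CN=$2" -out "$1.csr"
}
# issue PREFIX CA_PREFIX SERIAL EXTFILE: sign PREFIX.csr with the CA's key.
issue() {
  openssl x509 -req -in "$1.csr" -CA "$2.pem" -CAkey "$2.key" -set_serial "$3" \
    -days 365 -extfile "$4" -out "$1.pem" 2>/dev/null
}

# Genuine chain: Public Root CA -> Public Issuing CA -> example.com
make_root public_root "Public Root CA"
make_csr public_issuing "Public Issuing CA"; issue public_issuing public_root 1 ca.ext
make_csr real_leaf example.com;             issue real_leaf public_issuing 2 leaf.ext
# Interception chain: Corp Root CA -> Corp TLS Inspection CA -> example.com (JIT)
make_root corp_root "Corp Root CA"
make_csr corp_inspect "Corp TLS Inspection CA"; issue corp_inspect corp_root 3 ca.ext
make_csr fake_leaf example.com;                 issue fake_leaf corp_inspect 4 leaf.ext

# chain_ok ANCHOR INTERMEDIATE LEAF: exit 0 iff LEAF chains to ANCHOR, i.e.
# iff ANCHOR is what sits in the device's trust store.
chain_ok() {
  openssl verify -CAfile "$1" -untrusted "$2" "$3" >/dev/null 2>&1
}
# spki_pin CERT: base64(SHA-256(SubjectPublicKeyInfo DER)), the HPKP pin format.
spki_pin() {
  openssl x509 -in "$1" -pubkey -noout | openssl pkey -pubin -outform DER |
    openssl dgst -sha256 -binary | openssl base64 -A
}
# pin_matches PIN CERT: what a pinning app checks instead of trusting the store.
pin_matches() {
  [ "$(spki_pin "$2")" = "$1" ]
}

if chain_ok public_root.pem public_issuing.pem real_leaf.pem; then
  echo "genuine leaf: valid against the public root"
fi
if chain_ok corp_root.pem corp_inspect.pem fake_leaf.pem; then
  echo "intercept leaf: valid once the corp root is in the trust store"
fi
if ! chain_ok public_root.pem corp_inspect.pem fake_leaf.pem; then
  echo "intercept leaf: rejected by a store that only holds the public root"
fi
PIN="$(spki_pin real_leaf.pem)"
if ! pin_matches "$PIN" fake_leaf.pem; then
  echo "pinning: intercept leaf rejected, its SPKI differs from the pinned one"
fi
```

The proxy's leaf carries the same name (example.com) as the genuine one, so nothing in name matching or chain building distinguishes them once the corporate root is trusted; the only difference a client can observe is the key, which is exactly what the SPKI pin compares.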



