You only showed <desktop2:Extension> on down but from the error I suspect you're declaring the extension as app-scope.
FirewallRules is a package-scope extension. Notice how it parents to <Package> and not <Application>. Thus firewall rules apply to all processes in the package, not to individual apps in a package.
MSIX has no intra-package security boundary - one process isn't protected from another in the same package, so per-app firewall rules didn't seem very useful. If you think otherwise please share your feedback with the Windows team via FeedbackHub.
- Howard
P.S. Yes the <Extension> documentation defines activation properties (e.g. Executable) but doesn't mention how they're not relevant for some extensions. <Application> and <Extension> are 'activatable extension points' but a few extensions aren't "activatable" e.g. windows.firewallRules are just definitional rules to the Firewall, nothing to 'activate'. Thus you can specify the attributes in appxmanifest.xml but Windows ignores them. This was recently identified as a doc error and on our radar to address.