Thanks a lot for some detailed researh there, I appreciate it
Well, BUILTIN\Administrators are already in the SCOM administrators, but it allows you to add only domains accounts there. I'm not sure if it means we need to add domain\computername$ account into SCOM admins, I remember the howto solution working just like it's written, so I wonder which part doesn't work for you.
Could you try to analyze Operations Manger logs for possible clues about which permission is being used?
I guess we can modify a script to execute SCOM commands under different account, so we'll figure out a solution for you anyway, don't worry