Accessing 365 Apps on SOTI enrolled device

Has anybody been able to access company resources via Company Portal (365), mainly OneDrive? This feature is said to work and SOTI has walkthroughs, but I still cannot be shown a working demo from SOTI or a customer of SOTI. I've come here because I've been asking for months and no one can produce a working model.

I have SOTI and our 365 tenant synced, and when I enroll a device into SOTI the device shows up in Azure AD, but we still cannot access OneDrive. We end up in a login loop. I even made a conditional access policy and went as far as setting the policy to allow any device access as long as it's in Azure AD. I've tried this on at least 6 new devices, all different models, all new right out of the box.

It's frustrating because I was told it would work before I paid for a year's subscription, and now that I've paid I get the runaround for months.

Does it work or does it not work? Really straightforward question.

2 years ago
SOTI MobiControl
ANSWERS
Mike Robertson
2 years ago

I tried it about a year ago and I got the same issues you had. I decided to try it again last week and I got it working. I'm certain there has been some amended documentation since I first tried it, but there were some key things which I needed to double-check, so try the things below first of all.

Most of the setup is actually in Azure, not SOTI MobiControl, so the SOTI stuff should be fairly simple, which is probably why there isn't much documentation elaborating further.

So in SOTI MobiControl:

1: Join your Azure tenant to SOTI, and if it says it's in sync then great!

2: Ensure the compliance policy is set up as per SOTI's documentation and assigned to the device you are testing with! Do this first, as I found it has a slight sync delay. It should say compliant in the compliance section of the device above and in the "Set Azure Conditional Access" section at the bottom. It's the bottom bit which has the delay.

3: That's about it!

In Azure: 

1: Ensure that in Endpoint Manager (Intune) > Tenant Administration > Connectors and Tokens > Partner Compliance Management, SOTI MobiControl is set up as priority 1 for Android, iOS and macOS, and that it is reporting back as Active.

2: IMPORTANT - This is what I had missed and possibly what you are after. Make sure your test user is part of the "included" objects on the SOTI MobiControl link for the chosen platform that you set up above. What I did was create an Azure AD group called "365_SOTI_Compliance" (you can call it whatever you want) and just assign this to everything. Then I made my test user a member of that group in Azure AD.

3: Ensure that your compliance policy, which is in Azure AD (Entra now!) > Conditional Access > Policies > Policy name, is also assigned to your test user or to a group the user is a member of. I used the same group I mentioned above. The target resources are INCLUDED: All Cloud Apps, EXCLUDED: Microsoft Cloud App Security, as per SOTI's documentation, and under Grant access check "Require device to be marked as compliant". I also have "Require Hybrid Azure AD joined device" for my Windows domain-joined devices, but if you tick a second checkbox then you need to scroll down and change the "For multiple options" setting to "Require one of the selected controls" rather than "Require all the selected controls". If you only have one option then it shouldn't matter what the bottom option is, but it hides down the bottom, so maybe set it to "one of the selected" anyway.

Just check those things and see how you get on. But I'd ensure your test devices are unregistered from Azure AD before you try it again. Test it, test it again, and the third time you should be fairly confident. I tried it with a Work Managed device, a Work Profile device and a device SOTI isn't aware of at all. The SOTI-unaware device just hangs at the "SOTI Authentication" prompt when you try to log into a 365 application.
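The Azure-side checklist in the answer above can be verified and reproduced from the Microsoft Graph PowerShell SDK instead of clicking through the portal. The script below is an added example and is not code from the original post, from SOTI or from Microsoft's documentation. It assumes the Microsoft.Graph module is installed, that the group name "365_SOTI_Compliance" from the answer is used, and that the test user UPN and device name are placeholders you replace; the permission scopes are assumptions about what each call needs. It reads the Partner Compliance Management connectors and their group assignments (steps 1 and 2), shows the device's compliance flags in Entra, pulls the test user's latest sign-in so you can see which conditional access grant control actually failed during the login loop, and then creates the policy from step 3 in report-only state so it can be observed before enforcing it.

```powershell
# Added example: audit the Entra/Intune side of a SOTI MobiControl partner-compliance setup
# and create the conditional access policy described in the answer, in report-only mode.
# Requires: Install-Module Microsoft.Graph -Scope CurrentUser
# Scopes below are assumptions about the least privilege each call needs.
Connect-MgGraph -Scopes @(
    'DeviceManagementServiceConfig.Read.All',   # read compliance partner connectors
    'Group.Read.All', 'Device.Read.All',        # resolve the test group and device object
    'AuditLog.Read.All',                        # read the sign-in log for the login loop
    'Application.Read.All',                     # resolve the Cloud App Security service principal
    'Policy.ReadWrite.ConditionalAccess'        # create the (report-only) policy
)

$GroupName  = '365_SOTI_Compliance'    # group from the answer; change to match your tenant
$TestUpn    = 'testuser@contoso.com'   # placeholder test user
$DeviceName = 'SOTI-TEST-01'           # placeholder device display name in Entra

$group = Get-MgGroup -Filter "displayName eq '$GroupName'"
if (-not $group) { throw "Group '$GroupName' not found; create it and add the test user first." }

# Step 1 + 2: partner connector must be enabled (shown as "Active" in the portal) and the
# test group must be in the enrollment assignments for every platform you are testing.
$partners = (Invoke-MgGraphRequest -Method GET `
    -Uri 'https://graph.microsoft.com/v1.0/deviceManagement/complianceManagementPartners').value
foreach ($p in $partners) {
    $assigned = foreach ($platform in 'android', 'ios', 'macOs') {
        $list = $p."${platform}EnrollmentAssignments"
        $hit  = @($list | Where-Object { $_.target.groupId -eq $group.Id }).Count -gt 0
        "{0}={1}" -f $platform, $hit
    }
    [pscustomobject]@{
        Partner       = $p.displayName
        State         = $p.partnerState          # expect 'enabled'
        LastHeartbeat = $p.lastHeartbeatDateTime
        GroupAssigned = ($assigned -join ' ')    # expect True for each platform in use
    }
}

# Device object: the CA grant "Require device to be marked as compliant" only passes when
# the partner has pushed isCompliant=true to this object. A false here with SOTI saying
# compliant is the sync delay the answer mentions.
$device = Get-MgDevice -Filter "displayName eq '$DeviceName'"
if ($device) {
    [pscustomobject]@{
        Device = $device.DisplayName; IsManaged = $device.IsManaged
        IsCompliant = $device.IsCompliant; TrustType = $device.TrustType
    }
} else { Write-Warning "Device '$DeviceName' is not registered in Entra yet." }

# Login loop diagnosis: the latest sign-in shows which policy applied and which grant
# control (compliantDevice / domainJoinedDevice) was enforced and failed.
$signIn = Get-MgAuditLogSignIn -Filter "userPrincipalName eq '$TestUpn'" -Top 1
if ($signIn) {
    [pscustomobject]@{
        App            = $signIn.AppDisplayName
        CAStatus       = $signIn.ConditionalAccessStatus
        DeviceCompliant= $signIn.DeviceDetail.IsCompliant
        FailureReason  = $signIn.Status.FailureReason
        Policies       = ($signIn.AppliedConditionalAccessPolicies |
            ForEach-Object { "{0}:{1}:{2}" -f $_.DisplayName, $_.Result, ($_.EnforcedGrantControls -join '+') }) -join '; '
    }
}

# Step 3: the policy from the answer. Include All cloud apps, exclude Cloud App Security
# (display name depends on tenant age), grant compliantDevice OR hybrid-joined. Created
# as report-only so the next sign-in logs the would-be outcome without locking anyone out.
$mcas = Get-MgServicePrincipal -Filter "displayName eq 'Microsoft Cloud App Security'"
if (-not $mcas) { $mcas = Get-MgServicePrincipal -Filter "displayName eq 'Microsoft Defender for Cloud Apps'" }
$exclude = if ($mcas) { @($mcas.AppId) } else { @() }

$policy = @{
    displayName = 'Require compliant device (SOTI partner) - report only'
    state       = 'enabledForReportingButNotEnforced'
    conditions  = @{
        users          = @{ includeGroups = @($group.Id) }
        applications   = @{ includeApplications = @('All'); excludeApplications = $exclude }
        clientAppTypes = @('all')
    }
    grantControls = @{
        operator        = 'OR'   # "Require one of the selected controls", as the answer stresses
        builtInControls = @('compliantDevice', 'domainJoinedDevice')
    }
}
New-MgIdentityConditionalAccessPolicy -BodyParameter $policy | Select-Object Id, DisplayName, State
```

Run the audit part first, then switch the policy to `enabled` only after the report-only sign-in entries show `reportOnlySuccess` for the SOTI-enrolled device. Keep `operator = 'OR'` whenever more than one built-in control is listed; with `'AND'` a mobile device can never satisfy `domainJoinedDevice`, which reproduces exactly the login loop from the question.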