This happens in all of my FGT that I manage. What I've notice, if the trace route is done to a "wan" or "port" interface that is not part of a virtual-switch it looks normal. If you do a trace route to a address connected to a port of a virtual-switch, the 127.0.0.1 comes up
MANHATTANSOUTH # diag ip arp list | grep wan
index=8 ifname=wan2 xxx.xxx.1 00:1b:bc:11:43:1a state=00000004 use=61 confirm=47 update=27 ref=51
MANHATTANSOUTH # execute traceroute xxx.xxx.200.1
traceroute to xxx.xxx.200.1 (xxx.xxx.200.1), 32 hops max, 3 probe packets per hop, 72 byte packets
1 xxx.xxx.200.1 0.373 ms 0.330 ms 0.173 ms
and here's a LAN ( virtual-switch )
MANHATTANSOUTH # execute traceroute 10.1.1.50
traceroute to 10.1.1.50 (10.1.1.50), 32 hops max, 3 probe packets per hop, 72 byte packets
1 127.0.0.1 <gearssdk.opswat.com> 2994.351 ms !H 2999.669 ms !H 2999.987 ms !H
Opswat does end-point protection, so it's something in fortOS that using some protection. Fortinet is a partner of opswat.
So if their is not problem with the connected host, I would chalk this up as cosmetic.
Just my observations.