Since you don' t control Facebook, you have no access to their CA certificate.
If you try the same with a server on your local network and you manage its cert, than you can import it on the Fortigate and it will be displayed on the clients as the official server certificate.
The browser rightly displays the warning message about incorrect certificate error when you visit Facebook.
Any signing certs can be imported on the Fortigate, but if you want to SSL offload all traffic going to external sites without warnings, you can distribute the Fortigate cert to the trusted store of the clients browsers via your internal client management system/group policy.
There' s a brief Fortigate cookbook article about how it can be properly done.
Preventing security certificate warnings when using full SSL inspection
http://docs.fortinet.com/d/fortigate-preventing-security-certificate-warnings-when-using-ssl-inspection-52
Just a side note; implementation on the production network should be discussed with your local legal team though.
I' m sure many employes would not be happy to learn that you are monitoring and logging their banking/health/private transactions without their prior consent.