You have 3 options.
1. CPPM is the Root CA
You will just be the full PKI
2. CPPM is an intermediate to your existing Root CA
You will generate a CSR that the existing Root CA will sign then you will import that into CPPM
3. You import a Root CA
You had a third party create you a Root CA and you import the cert and PKey.
From your description I assume you already have an existing Root CA server so you will go through the CSR request in CPPM. Have the Root sign the cert then import it into CPPM. Then Clearpass will now be an intermediate to your Root and had out certs based on your current CA.