If they bought a certificate for the previous NPS install, why not just export the certificate (with private key) and import it into ClearPass? That way, if they have policies (GPO, MDM or otherwise) set up to trust and look for that particular certificate, there would be no changes. iOS is sometimes picky and will notice it is on another server and prompt the user to accept the first time.
Either way, the choice to buy or use a self-signed certificate for PEAP authentication is up to the customer and what would be acceptable to their users. Despite buying a certificate from a trusted authority, wireless supplicants will usually prompt the user to accept the certificate regardless of whether they have the root CA trusted. Using GPO, MDM, or some other method of specifying the specifics of the wireless profile can alleviate this.
Lastly, consider the CN/common name of the certificate as it will also be used for ClearPass Guest if you use HTTPS. In this case, using a trusted CA is recommended to alleviate random browsers from prompting users to accept a self-signed certificate.