Their description doesn't really match what they do:
"Observatory by Mozilla is a project designed to help developers, system administrators, and security professionals configure their sites safely and securely.
"
All they check is if you have a few security headers and consider that "secure".
There is a LOT more to website security than adding a few extra headers and HTTPS to your site. Even if you get an A, it doesn't mean anything.
To give an example, Google gets a D, CloudFlare a D, Youtube a C+, etc..
I don't see a problem. They don't claim to be a one-stop integrated security scanner for all your website needs. I'd be happy if they explicitly included something like a link to OWASP with "get more detailed info here". But I don't think they're misrepresenting the service.
The Observatory measures site's compliance with the Web Security guidelines [1] and the Server Side TLS guidelines [2]. It's primarily meant as a helper for website developers and operators.
You need https to guarantee data in transit is not being modified between your server and web clients. ISPs, for instance, have a bad tendency to inject tracking cookies in http traffic.
It actually includes a summary result for https://securityheaders.io on the page. That site, your suggestion, says "A scotthelme.co.uk project - CC-BY-SA 4.0" so I wouldn't be surprised given the similarity in presentation if Observatory was based in some way on SecurityHeaders.io.
"Observatory by Mozilla is a project designed to help developers, system administrators, and security professionals configure their sites safely and securely. "
All they check is if you have a few security headers and consider that "secure".
There is a LOT more to website security than adding a few extra headers and HTTPS to your site. Even if you get an A, it doesn't mean anything.
To give an example, Google gets a D, CloudFlare a D, Youtube a C+, etc..