They DO have a valid SSL and a 91/100 on Scamadviser, and quite a few items that also seem to be listed on eBay.
An SSL certificate says nothing about the legitimacy of the site's business at all. I work in webhosting, and do happen to be the main TLS certificate guy (maintaining it by timely installing new certificates for customers that use our service).
Anyone can request an SSL for any domain. An SSL certificate issuer does not check what your site is used for, as that's quite literally not their job. All they check is that you, as the certificate buyer, are the legitimate owner of the domain, or are in a position to be authorized to act on behalf of the domain owner. This can be done through various means of validation.
And these days, paid SSLs aren't even a necessity anymore, Let's Encrypt was specifically started by the EFF as to make SSL certificates available to everyone and boost the amount of sites using the technology, which they have succeeded in. I believe CloudFlare issues them freely as well to their clients.
I don't know ScamAdviser, but if that's using user-generated input for their scores, they could potentially be hit by bots to inflate scores for scam sites with the resources to do so. That also highly depends how secure their site is against such traffic.
Finally, the items being on eBay is probably telling of where they stole their advertisement titles, descriptions and photos from. These sites are very unlikely to be managed to actual people, they likely run scripts to scrape eBay ads for items that sold for decent money. Then, they post those on their site for relatively low prices, with high stock counts, in the hopes that some of those items are desirable enough that people will tempt it, and lose money.
The more that happens, the more it makes. The fact all of this can be scripted, means that it's low cost, and easy to set up again once they do get smacked by the hosting service provider they are using at the time and need to try elsewhere. It's a lucrative scam.