From RedGate's docs for SQL Monitor:
Monitoring Azure SQL Servers
The account used to monitor your Azure SQL Server must be the server admin account used to create the Azure SQL Server.
This is partly on MS that they have created this 'SA' like account that cannot be changed and there can only be one (noting that using an AD group of administrators has worked 99% for me as a workaround).
To Steve's point, Why? I can see needed elevated permissions during the setup (ie: create the storage database), but that should run under the creds of the user running the setup. Most (all?) of the Azure database monitoring happens at the database level - not server - so not sure why it cannot use a database account with some elevated read-only type permissions.