Just a note: CCv3.0 redefines TOE as: "a product that has been installed and is being operated according to its guidance." (CCv3.0 Part 1)
Since TOE was defined even in CCv2 to include its guidance, it was pretty nonsensical to assume that the TOE would not be operated according to its guidance.
Administrator is defined as "an entity that has complete trust with respect to all policies implemented by the TSF. " (CCv3.0 Part 3)
I would note that this does not mean that there is an assumption that administrators are non-hostile; I must say, some of the administrators I've known have been pretty hostile people. It simply means that they are in a position of trust.
In any case, by this definition, a TOE that does not have an all powerful user is a TOE that has users but not administrators. There are many examples I can think of for TOEs of this nature - the TOE must be removed from its operational environment for any administration to be performed.
It seems that A.NO_EVIL will have to be evolved to be used effectively in CCv3.
Perhaps: NOE.ADEQUATE_TRAINING - TOE owners will ensure that users are appropriately trained and incentivized to fulfill their security-related responsibilities?