noesteijver that is correct. Couple versions ago I've revised the Capability feature and standardized it to utilize 100% WordPress core functionality. So if you uncheck the capability, it actually will remove it for the role or user and that is something I later realized is not 100% correct way of handling things.
The reason for that is that WordPress core has two methods that work with capabilities for
remove_cap. I prematurely assumed that these are the only two possible outcomes for capability manipulations. However, apparently
add_cap has the second argument $grant that defines the actual capability status in the scope of the subject (role or user).
I've already updated the AAM to cover this scenario and you can download the release candidate from there https://downloads.wordpress.org/plugin/advanced-access-manager.zip.
Keep me updated if anything.