Basically the title. Currently, Zabbix is in fact able to receive SNMPv3 traps, but I'm not sure how it should respond ideally. Is that not against the replay attack scheme?
Engine time is always 0, but engine boots incrementing, should zabbix get traps? (v3)
It's a shitty design of a product that sends SNMP notifications and I would bring this up to product devs. But it will keep working.
The idea of engine time and engine boots is indeed to prevent replay attacks. How it works:
Engine time indicates the time passed since the SNMP engine was started. Engine boots indicates how many times the engine was restarted with the current configuration.
When the Receiver (Zabbix in our case) receives the first SNMP trap it saves the indicated engine boots and engine time, and starts its own timer, starting at the time indicated by engine time. In future traps it expects engine boots to be the same or higher and engine time to be equal to its own locally counted timer (with some degree of leeway window here). If in a new message engine boots is lower than expected or engine time does not match Zabbix's expectation, the receiver should just discard these messages as a possible replay of a previously sent message by some malicious actor.
When the sender is rebooted, it can not keep its own timer, as the engine was offline for some unknown amount of time. So the sender increments the engine boots value, starts a fresh local timer for engine time and sends the message again. The receiver, when it gets a message with higher engine boots than its local value, saves the new value, discards the local engine timer for this client and starts it anew beginning at the engine time indicated in the new message.
So if for each message your sender increases engine boots, Zabbix will keep processing traps just fine. Based on RFC 3414, the maximum value of engine boots is 2 147 483 647. So that would be the maximum number of messages this setup will be able to handle before breaking and needing manual intervention. This should last quite some time, unless you have some huge amount of messages going through.
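To make the timeliness logic described in the reply concrete, here is an added example (not Zabbix code, not posted by anyone in this thread) that implements the RFC 3414 section 3.2.7 b) check a non-authoritative receiver such as a trap collector performs. It keeps a local notion of each remote engine's boots and time, advances that notion with an injectable clock, and rejects messages whose boots counter is stale, whose engine time is older than the 150-second window, or whose boots counter is exhausted. The engine ID and the clock values are constructed; `simulate_thread_scenario` replays the situation from the question (engine time always 0, boots incrementing) plus a replayed old message.

```python
"""SNMPv3 USM timeliness check for a non-authoritative receiver (RFC 3414, 3.2.7 b).

Added illustration for this thread; not Zabbix's own code.  A trap collector is
non-authoritative: the sending engine's snmpEngineBoots/snmpEngineTime are the
reference, and the receiver keeps a local estimate of them per engine ID.
"""

import time
from dataclasses import dataclass

TIME_WINDOW = 150              # seconds, RFC 3414 section 2.2.3
MAX_ENGINE_BOOTS = 2**31 - 1   # 2 147 483 647; an engine at this value is unusable


@dataclass
class EngineNotion:
    """Receiver's local notion of one remote engine's clock (RFC 3414 2.2.3)."""
    boots: int                       # local copy of snmpEngineBoots
    time_at_sync: int                # snmpEngineTime when we last synchronised
    local_clock_at_sync: float       # our own clock at that moment
    latest_received_engine_time: int

    def engine_time(self, now: float) -> int:
        """Estimated snmpEngineTime: last synced value advanced by our own clock."""
        return self.time_at_sync + int(now - self.local_clock_at_sync)


class TrapReceiver:
    def __init__(self, clock=time.monotonic):
        self._clock = clock                      # injectable so tests can fake time
        self._engines: dict[bytes, EngineNotion] = {}

    def check(self, engine_id: bytes, msg_boots: int, msg_time: int):
        """Return (accepted, reason) for an authenticated trap's boots/time values.

        Only authenticated messages may update the local notion, so the caller is
        expected to have verified the message's HMAC before calling this."""
        now = self._clock()
        notion = self._engines.get(engine_id)

        if notion is None:
            # First authenticated message from this engine: adopt its values.
            self._engines[engine_id] = EngineNotion(msg_boots, msg_time, now, msg_time)
            return True, "synchronised"

        # 3.2.7 b)1): move the local notion forward if the sender is ahead of it.
        if msg_boots > notion.boots or (
            msg_boots == notion.boots and msg_time > notion.latest_received_engine_time
        ):
            notion.boots = msg_boots
            notion.time_at_sync = msg_time
            notion.local_clock_at_sync = now
            notion.latest_received_engine_time = msg_time

        # 3.2.7 b)2): notInTimeWindow conditions.
        if msg_boots == MAX_ENGINE_BOOTS:
            return False, "notInTimeWindow: engine boots counter exhausted"
        if msg_boots < notion.boots:
            return False, "notInTimeWindow: stale engine boots (possible replay)"
        if msg_boots == notion.boots and msg_time < notion.engine_time(now) - TIME_WINDOW:
            return False, "notInTimeWindow: engine time older than window (possible replay)"
        return True, "in time window"


def simulate_thread_scenario():
    """Replay the thread's situation with a fake clock: engine time always 0 and
    boots incremented per message, plus a replayed old trap.  Returns the list of
    accept/reject decisions in order."""
    clock = [1000.0]                                  # constructed fake clock, seconds
    rx = TrapReceiver(clock=lambda: clock[0])
    eid = b"\x80\x00\x00\x00\x01constructed-engine"   # constructed sample engine ID
    results = []
    results.append(rx.check(eid, 1, 0)[0])            # first trap: synchronise -> accepted
    clock[0] += 30
    results.append(rx.check(eid, 2, 0)[0])            # boots went up: accepted
    clock[0] += 30
    results.append(rx.check(eid, 1, 0)[0])            # replay of the first trap: rejected
    clock[0] += 200
    results.append(rx.check(eid, 2, 0)[0])            # same boots, 200 s later, time still 0: rejected
    results.append(rx.check(eid, 3, 0)[0])            # boots incremented again: accepted
    results.append(rx.check(eid, MAX_ENGINE_BOOTS, 0)[0])  # counter exhausted: rejected
    return results


if __name__ == "__main__":
    print(simulate_thread_scenario())   # [True, True, False, False, True, False]
```

The fourth decision in the simulation is the one worth noticing: a sender that re-uses the same boots value with engine time stuck at 0 is rejected as soon as the receiver's own clock has run more than 150 seconds past the last synchronisation, which is why the sender in the question only keeps working because it bumps boots on every message. Note also that the RFC rule for a non-authoritative receiver only rejects messages that are too old; a message that is ahead of the local notion simply re-synchronises it.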