If you present a document you know to be untrue, that’s the same as lying.
OP, get a pen test scheduled and tell the client, “You know, we’ve had a lot of changes since we rolled out. Since you asked, we felt it was best to get a current pen test to reflect our present state.”
No lies (just a slight deception with the truth) and you get a legit pen test your client can rely on.
That sounds like a very reasonable course of action. However... given the circumstances the author is in, I don't think his director is the type to schedule a pen test and then wait for all the violations to be resolved in order to get the contract. (I assume the client, as a government entity, is legally required to obtain a minimum number of bids for contracts and make a decision in a timely manner.)
Lying and fraud aren't the same, which is the author's concern. Lying incurs a social cost. Fraud incurs both social and legal costs.
OP, get a pen test scheduled and tell the client, “You know, we’ve had a lot of changes since we rolled out. Since you asked, we felt it was best to get a current pen test to reflect our present state.”
No lies (just a slight deception with the truth) and you get a legit pen test your client can rely on.