Welcome to the Auth0 Community!
First, I would like to emphasize that the ASP.NET Core MVC SDK is for Regular Web Apps, which are confidential clients. This uses the Authorization Code Flow for authentication and can securely store secrets.
Whereas the Authorization Code Flow with PKCE is used in Single Page Applications and Native Apps for authentication. This is needed because SPAs and Native Apps are public clients and cannot securely store secrets.
With that said, I can confirm that implementing the authorization code flow with PKCE with a Regular Web App will not work.
I have tested this myself and found that it throws a 401 Unauthorized error with a Regular Web App and works when using a SPA or Native App.
Hoped this helps!
Please do not hesitate to reach out if you have additional questions.
Thank you.