This has very little to do with wordpress, but if this answer will help eliminate the usage of session, it might be worth it….
Sessions are stored on the hard disk of the server. This is problematic in a shared hosting scenarion because the session directory is most likely readable and writable by all process running on the server, not only your site. All shared resources on a shared hosting server that do not have OS level user based protection (like directory permissions) is at least suspicious and you should not use it for anything secure or private.
lets repeat Sessions are stored on the hard disk of the server. What happen if you are running in a multi server enviroment? How will you be able to locate your session information. The only way to have it work is to tie users to specific servers which is not optimal.
And again Sessions are stored on the hard disk of the server. If you use sessions as integral part of your HTML generation it means that you can not cache your HTML.
WPEngine, is a shared hosting in a multi server enviroment that does caching by default.
As for WC, as it said in what you are quoting, they do not use php sessions, and invent their own mechanism by storing session information in the DB. This is also a problematic solution as it means that heavy traffic might bring the site down if you do not do it with extreme care (I guess in that case the session starts only when a user starts the process of buying a product). Why they do it like that and do not rely on cookies, you will have to ask them, I assume that tracking incomplete transactions is part of it, another part is that cookie information on http sites is basically public, and if you want to avoid information leakage you need to store it on the server.
What is adviced in your case? this will be hard to say without more details, but probably you should work to eliminate the use of anything which feels like a session. HTTP was not designed to have sessions, and it is best not to fight this fact of life.