
I have a laptop with TPM 2.0, dual-booting Windows 10 and Linux. By default, Windows automatically takes ownership of the TPM with a throwaway password, but can be configured to store it in the Registry.

However, Linux seems to have access to the TPM even without the owner password – at least, I'm able to successfully seal a LUKS key against some PCRs, unseal it later, and not able to unseal it when the PCRs change, just as expected.

This, and in fact the whole "throwaway owner password" thing by Win10, leaves me confused about what exactly the purpose of an owner password is – what operations require it?

Also: if I have something that is probably the current owner password, how do I check/verify it using Linux TPM 2.0 tools, preferably without making any changes to the TPM contents? (I have both the IBM and Intel userspace tools installed.)

1 Answer

Simply, 'taking ownership' creates a new Storage Root Key. The password ensures the user doing the 'owning' is the same person again should that person wish to perform operations associated with the ownership password, in command-line mode. The password is referred to as the 'shared secret' in the TPM docs and is required in the syntax of the command; it is required if a vendor wishes to conform to the TPM specs, whether or not it is necessary in their implementation of the TPM. In Win 7 the command, which allows control of BitLocker as well as the TPM (which BitLocker depends on), was:

manage-bde -tpm [-turnon] [-takeownership !Owner Password!] [-computername ] [{-?|/?}] [{-help|-h}]

A problem with TPM implementations is that while the standard exists, the implementation by vendors varies, and even how the commands behave. I can only speak from Windows experience: it began with making procedure calls like you are doing now around Win7, and moved to fully automated in Win10, or to using less error-prone management consoles, like tpm.msc. When a user is personally present to take ownership, Admin privilege is enough in Win10 to execute tpm.msc and use the Win10-generated password, which is unknown to the user, as this password is coordinated by various Windows maintenance consoles. If the user's PC is part of a network, it's assumed the system Admin is the only one allowed to manage the security features and settings of the TPM. If a PC user alters their TPM as a local or even as a system Admin and has trouble later, they simply repeat the whole ownership process; given the subsequent keys wrapped, it will take a while for the process to complete. So in toto, in Win10, Admin can perform the tasks needed for ownership without knowing the previous password used for ownership.
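The answer above does not address the second half of the question (checking a candidate owner password from Linux without altering the TPM), so here is an added example written for this edit; it is not code from the question, the answer, or the tpm2-tools project. It assumes tpm2-tools (the Intel TSS userspace tools) version 4 or later for the flag names, access to the resource manager at /dev/tpmrm0, and that a failed ownerAuth attempt counts toward the dictionary-attack (DA) lockout like other DA-protected authorizations, which is why it inspects the lockout state first and makes at most one attempt. The helper names prop_flag, safe_to_probe, check_owner_auth and probe are this example's own. The trick is that TPM2_CreatePrimary under the owner hierarchy must present ownerAuth, but the key it produces is transient: success means the password is right, and flushing the transient object leaves the TPM exactly as it was.

```bash
#!/usr/bin/env bash
# Added example, not part of the original question or answer.
# Verify a candidate TPM 2.0 owner authorization from Linux with tpm2-tools
# (>= 4.x flag names assumed) without changing any persistent TPM state.
#
# Assumption: failed ownerAuth attempts count toward the DA lockout, so the
# lockout state is checked first and only a single attempt is ever made.
set -u

# Extract one "<name>: <value>" field from `tpm2_getcap properties-variable`
# output, e.g. "  ownerAuthSet: 1" or "TPM2_PT_LOCKOUT_COUNTER: 0x0".
prop_flag() {
  printf '%s\n' "$1" | awk -v k="$2:" '$1 == k { print $2; exit }'
}

# Return 0 if probing is sensible and safe: ownerAuthSet must be 1 (otherwise
# the owner auth is the empty well-known value and there is nothing to verify)
# and the TPM must not already be in DA lockout.  Reports the failure budget.
safe_to_probe() {
  caps=$1
  if [ "$(prop_flag "$caps" ownerAuthSet)" != 1 ]; then
    echo "ownerAuthSet=0: owner auth is empty, nothing to verify" >&2
    return 1
  fi
  if [ "$(prop_flag "$caps" inLockout)" != 0 ]; then
    echo "TPM is in DA lockout; do not probe until TPM2_PT_LOCKOUT_INTERVAL has passed" >&2
    return 1
  fi
  echo "DA failures so far: $(prop_flag "$caps" TPM2_PT_LOCKOUT_COUNTER)" \
       "of max $(prop_flag "$caps" TPM2_PT_MAX_AUTH_FAIL)" >&2
  return 0
}

# Make exactly one attempt.  TPM2_CreatePrimary in the owner hierarchy (-C o)
# requires ownerAuth (-P); "str:" forces the candidate to be read as a string.
# The primary is transient, so flushing it leaves no trace.  Returns 0 if
# the TPM accepted the candidate, 1 otherwise.
check_owner_auth() {
  pw=$1
  ctx=$(mktemp)
  rc=1
  if tpm2_createprimary -C o -P "str:$pw" -c "$ctx" >/dev/null 2>&1; then
    rc=0
  fi
  tpm2_flushcontext -t >/dev/null 2>&1 || true   # drop all transient objects
  rm -f "$ctx"
  return $rc
}

# probe <candidate>: the full procedure against the real TPM.
probe() {
  caps=$(tpm2_getcap properties-variable 2>/dev/null) || {
    echo "tpm2_getcap failed: no TPM 2.0, no tpm2-tools, or no access to /dev/tpmrm0" >&2
    return 2
  }
  safe_to_probe "$caps" || return 2
  if check_owner_auth "$1"; then
    echo "owner auth accepted"
  else
    echo "owner auth rejected (this attempt may have incremented the DA counter)"
    return 1
  fi
}

# Only touch the TPM when a candidate is given on the command line.
if [ $# -gt 0 ]; then
  probe "$1"
fi
```

Usage: `./check-owner-auth.sh 'candidate'`. If the candidate you hold is raw bytes rather than text (for example something base64-decoded), pass it with the `hex:` prefix instead of `str:`; the prefix only changes how tpm2-tools interprets the value, not what the TPM compares. Do not turn this into a loop over guesses: a DA-locked TPM also blocks the sealed LUKS key unseal described in the question until the lockout interval expires or lockoutAuth is used.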
