You need a CSR to obtain a trusted certificate from one of the many certificate providers.
From 6.4.0, CompleteFTP supports generation of CSRs from within the CompleteFTP Manager.
More details can be found in the User Guide, here.
Make sure you keep your private key securely! The CSR can be sent to the certificate authority (CA) that you have chosen to use. The private key is NOT sent to the certificate authority.
Before you send the CSR to your chosen CA, you can validate it by pasting it into Verisign's CSR checker.
When you get the certificate issued, for InstantSSL choose the "OTHER" format.