I solved my problem by temporary making myself vulnerable. I created a new wallet with the same seed on the online system and with that I could get the private key for the change address. Does the system need to be online for the proper change address to be generated? If so, how could I possibly sign a transaction where the change address was an input address? So it's solved but I'm confused
It doesn't need to be online to transact. The unsigned transaction generated by a watch-only wallet contains instructions for the offline wallet to generate the necessary key pairs and corresponding addresses to sign the transaction. However this system wasn't designed for claiming altcoins
You could have run that command with a higher range in the console (replace 30 with a larger number). Your change address must be at a higher index that I thought.