It's not just Microsoft; I believe NIST has the same guidelines now.
Forcing people to constantly change passwords just means they either iterate a number or write them down. It also means they start to resent the tech and people who make them do it. It helps no one.
Other requirements from the same section: retain old passwords to disallow dupes for at least 5 cycles, passwords must be minimum 7 chars, and contain both alpha and numeric.
You might be able to justify non-compliance with a compensating control, but I've never heard of anyone who tried it.
Note that this only applies to employees who are in PCI scope. Most internal staff are not, and should not be!
Similar policies are common for all users though. They pre-date PCI (which is how they became part of PCI DSS) and now PCI's retention of these policies justifies continued use elsewhere. The tail wags the dog.
It's orders of magnitude less of a pain in the ass than password cycling.