Just don't move the app to the SD card.
Here are the main steps of extracting the realm DB from the GShock app:
1. Use apktools for decompiling the apk
2. Modify the manifest xml to make it backupable
3. Modify some smali files to return true (1) from packageMatchesToken methods. This is needed to bypass the cert check during app's startup
4. Use apktools for rebuilding apk
5. Use apktool gui to easily realign and resign the apk
6. Reinstall the generated apk on your phone
7. Use apk backup command to create a backup of GShock app. Id = com.casio.gshock...
8. Use abp.jar to create a .tar file from the previously created backup file.
That's all. You can also use the above method for making the Gshock app debuggable. That's needed to make adb push work, so it will be possible to push a modified db to your phone.
I don't think a company is needed here, that's too expensive
The communication is complicated but it looks understandable based on the decompiled apk, logcat logs.
Yes, I think this is the best solution if you wouldn't like to find yourself being sued by Casio. It's against the license agreement to release a modified GShock Connected