Unfortunately, the HP Fortify product does not support the PowerScript language.
As a workaround though, PB does emit C++ or C# depending on whether you are a) compiling to machine code; b) deploying as a Winform app; c) deploying a .NET Assembly; or d) deploying Web Service. During these compilation / deployments - you can trap the generated C++ and/or C# code and then feed that into Fortify. The generated code is basically a 100% reflection of the PowerScript commands. Thus, the Fortify scan of the generated C++ / C# source should expose any vulnerability issues from the static perspective.
Note: the Winform deployment option was removed in PB 2017 but was present on PB versions 11.x through 12.6.
Regards ... Chris