When I noticed that the plugin wasn't updating properly, I did a little exploring, and discovered the following.
When spawn_server is called, the scripts does a wp_remote_post to my_domain/?tlc_transients_request. For some reason, on my server, this returns a 403 Access Forbidden response. wp_remote_post to just my_domain works fine, as does the argument my_domain/arbitrary_string.
I would assume this is some server security setting, but can anyone nail it down a little more specifically?