I’d consider switching to L2TP+ipsec or EoIP+ipsec(for mikrotik on both sides), both use UDP and encryption and should perform the same or better in performance.
OpenVPN on UDP has been requested years ago and won’t come too soon on Mikrotik, probably never.
SHA256 is supported on the mentioned protocols, not sure why openvpn would be more compelling, maybe only to opensource lovers.