routerOS needs more firewall features but not in the way that you mean. What you see in those dedicated firewalls and also consumer routers are basically preset rules. Its a bit like an antivirus that inspects certain rules, This can be replicated with some effort in routerOS currently. You should be asking for more example firewall rules to prevent worms and such. It sounds to me like you dont know much about routerOS firewall because there already is IP and DDOS protection but it just has to be set up.
Yes, you are right, firewall is not a router and router is not a firewall. If I need good application firewall, I will go and buy one. Router is not a place to do application and content filtering (etc.).
Its like you're saying that hotspot should be on a dedicated hotspot server not on the router and that wifi APs cannot be routers/gateways.
RouterOS is an industrial grade router meaning that it includes a lot of functionality from firewalls to many different routing methods like BGP and clearly has L7 firewall capability that can be used for virus protection on the software level. WIth a dedicated firewall, the small ones have limited throughput and if you're a building or institution you'd be using big ones that take up like 2 rack units each which is basically about the same throughput you would get if you use L7 on routerOS for the similar hardware. I've seen dedicated networked AVs and firewalls and they got phased out.
What routerOS needs is more flexibility in firewall such as multiple addresses using the OR attribute so that rules can be generalised for multiple networks, using address list in targets, interface with all protocols, etc.