I still this the issue apply even for you. In this case you ask for the domain aaa.exmaple.com and that does not exist in public DNS.
Now I cannot be sure but the issue I see is that the question I send for a CNAME is not managed within the device but is sent to the external DNS resolved you have.
Did a little test:
I added the following:
/ip dns static
add address=1.1.1.1 regexp="\\.cnn\\.com"
This produced the following:
Non-authoritative answer:
Name: turner-tls.map.fastly.net
Addresses: 1.1.1.1
Aliases:
www.cnn.com
So in this case I see the answer I was expecting.
Then we remove A record and add this:
/ip dns static
add cname=one.one.one.one regexp="\\.cnn\\.com" type=CNAME
This produced the following:
Non-authoritative answer:
Name: turner-tls.map.fastly.net
Addresses: 2a04:4e42:14::323
151.101.85.67
Aliases:
www.cnn.com
As you can see I get a response but this is the "real" IP's you get from external resolver. So this indicated the CNAME question
www.cnn.com is sent externally and not managed in your device
And just to prove my point here
I added this:
/ip dns static
add cname=one.one.one.one regexp="\\.example\\.com" type=CNAME
This gave me this result:
*** UnKnown can't find aaa.example.com: Non-existent domain
Then I went to the logs of my external resolved (NextDNS) and found this in the log:
2021-10-12T08:09:34.389544+00:00,aaa.example.com,A,true,DNS-over-HTTPS
So in this case the question for aaa.example.com is not honored on the DNS resolved in Mikrotik but is instead send to my external resolved asking for an A record.
So I think you have the same issue. MT has confirmed they have found the issue but there are not fix for this in the pipeline yet as far as I know.