Those cases of heavy dealing from Apple were nowhere similar to the current situation of Apple changing the rules midstream on a host of products with paying customers.It's not vague, in past cases Apple dealt with heavy hand on devs who bent/failed to latter comply with the rules. You need to understand that even this "downgraded" version(1.3.0) still uses the "fake" VPN method*. Based on section 4.2.1 of the App Store Review Guidelines, which says that APIs and frameworks should be used for their intended purposes, it’s likely that Apple doesn’t see DNS override/adblocking as the “intended purpose” of VPN certificates.
*(to enforce the chosen DNS servers system wide on both WiFi and Cellular Data, which still allows the use of DNS servers that effectively block ads in apps)
This still comes down to taking value away from your paying customers based on an unfounded fear. Apple's strong responses have *always* been in reaction to devs hiding functionality in apps (the early hotspot activation apps, e.g., that posed as games) or similar attempts to get around existing rules. This is a very different case.
Again, just pleading the case for Adguard to take their time on this decision instead of rushing out something that can't be undone. You can always do an update later.