Is it true that routers, like the Sophos XGS 87, decrypt the data stream on VPN connections?
With TLS inspection, the client knows whether it's talking to a MITM device that's decrypting the traffic, because that device cannot use the legitimate TLS certificate that the real server would have. (This is the point of certificates and CAs/roots.)
The MITM device will still serve a similar-looking certificate, but it won't validate against the standard set of root CAs – it will only be accepted if your computer has the company's private root CA installed. If in doubt – visit a website, open its detailed certificate information, and you'll see whether it chains up to a public CA or to something suspicious-looking.
Most VPN protocols do not use TLS for the data channel; they might use it for the setup handshake, but then switch over to a different protocol.
According to articles, NordVPN supports the IPsec/IKEv2, OpenVPN, and WireGuard protocols. Out of those, IKEv2 and WireGuard don't use TLS at all, while OpenVPN uses it for the setup in a modified way that a basic HTTPS-oriented DPI wouldn't recognize as TLS, later switching to non-TLS encryption for data.
The app likely uses TLS (HTTPS) to retrieve server addresses, and to enroll the device's WireGuard public key (WG itself is not TLS-based), but one would need considerably more than just a generic TLS-inspecting device to attack the VPN in this way.
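To make the protocol distinction above concrete, here is an added example (not part of the original answer) that compares the first bytes of each protocol's opening packet with the TLS record header an HTTPS-oriented inspector matches on. All packets are constructed samples; the OpenVPN ones assume UDP transport without tls-auth/tls-crypt, and the IKEv2 one assumes UDP port 500 (no NAT-T marker).

```python
import struct

# All packets below are constructed samples, not captures.
TLS_HELLO = b"\x16\x03\x01\x00\x05" + b"\x01\x00\x00\x01\x00"   # TLS handshake record, stub body
WG_INIT = b"\x01\x00\x00\x00" + bytes(144)                      # WireGuard handshake initiation
IKE_INIT = struct.pack(">8s8sBBBBII", b"\xa1" * 8, bytes(8), 33, 0x20, 34, 0x08, 0, 28)
OVPN_HDR = b"\xb2" * 8 + b"\x00"                                # session id + empty ACK array
OVPN_RESET = bytes([7 << 3]) + OVPN_HDR + struct.pack(">I", 0)  # P_CONTROL_HARD_RESET_CLIENT_V2
OVPN_CTRL = bytes([4 << 3]) + OVPN_HDR + struct.pack(">I", 1) + TLS_HELLO  # P_CONTROL_V1

def is_tls_record(p: bytes) -> bool:
    """The check a basic TLS inspector applies: handshake record (0x16), version 3.x."""
    return len(p) >= 5 and p[0] == 0x16 and p[1] == 0x03 and p[2] <= 0x04

def tls_offset(p: bytes) -> int:
    """Offset of the first TLS record header inside the payload, or -1 if none."""
    for i in range(len(p) - 4):
        if is_tls_record(p[i:]):
            return i
    return -1

def classify(p: bytes) -> str:
    if is_tls_record(p):
        return "tls"
    # WireGuard: message type 1, three reserved zero bytes, fixed 148-byte length.
    if len(p) == 148 and p[:4] == b"\x01\x00\x00\x00":
        return "wireguard"
    # IKEv2 (RFC 7296): two 8-byte SPIs, next payload, version 0x20, ..., total length.
    if len(p) >= 28 and p[17] == 0x20 and struct.unpack(">I", p[24:28])[0] == len(p):
        return "ikev2"
    # OpenVPN: opcode in the high 5 bits of byte 0 (4 = control, 7 = client hard reset).
    if len(p) >= 14 and p[0] >> 3 in (4, 7):
        return "openvpn"
    return "unknown"

if __name__ == "__main__":
    samples = {"TLS": TLS_HELLO, "WireGuard": WG_INIT, "IKEv2": IKE_INIT,
               "OpenVPN reset": OVPN_RESET, "OpenVPN control": OVPN_CTRL}
    for name, pkt in samples.items():
        print(f"{name:16} starts-as-TLS={is_tls_record(pkt)!s:5} "
              f"class={classify(pkt):9} tls-at-offset={tls_offset(pkt)}")
```

In the OpenVPN control packet the TLS record is present but sits behind OpenVPN's own 14-byte header, which is why a matcher that expects TLS at the start of the payload does not see it.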