For SideCar to operate as described, your Mac must be split-tunnelling its network traffic - traffic to your local network network being routed outside of the VPN. By contrast, your iPad VPN-client is evidently routing all network traffic to the VPN tunnel - and as SideCar relies upon the local network to carry traffic between the Mac & iPad, then, it cannot exchange traffic with the Mac - and SideCar breaks.
The “fix” is technically simple - in that the VPN-clients at both ends of the connection must be securely configured to permit split-tunnelling - with local network traffic (or at least, the necessary protocols and client addresses for SideCar clients) remaining outside the VPN tunnel.
Unfortunately, outside of Enterprise configurations/environments where a “profile” is built and installed upon the iDevice, most VPN commercial clients (that can be installed on the iDevice) lack this level of configuration control. Herein lies the fundamental issue; the VPN-client developer must expose these configuration elements to the end-user - and the VPN-client developer is constrained by Apple’s rules concerning Apps.
As such, whilst from a technical perspective the “issue” is easy to resolve, on a practical level it is considerably more difficult.