v3.10.1 creates tunnel that makes Windows 10 lock screen disregard WPAD setting

[weiningb]

Our update to openvpn3 library v3.10.1 from v3.7 in our product makes Windows 10 lock screen disregard WPAD setting. With a tunnel connected, on the lock screen with v3.7 the call to the endpoint login.microsoftonline.com (this endpoint is visited when a user tries to login) goes through WPAD thus through our proxy; with v3.10.1, the call to the endpoint unexpectedly goes direct, without a route to the resolved IP thus timeout, causing the lock screen to spin for around 2 minutes after typing in a wrong password. This assumption is confirmed by observing wireshark captures http request to the endpoint through our proxy with v3.7 while no such request with v3.10.1

We are using openvpn2.6 server. The WPAD setting has no change. The server push these configs

push "redirect-gateway def1" # route all traffic through the tunnel
push "dhcp-option DNS <private DNS IP>"
push "dhcp-option WPAD <private WPAD .dat url>"

What changes from v3.7 to v3.10.1 could cause this issue?