I'm not an expert in VPNs, so I'm curious about how well a router
with a VPN installed defends against a MITM attack. Since ARP spoofing
can decrypt HTTPS, I'm concerned that it's able to decrypt a VPN too.
ARP spoofing cannot decrypt HTTPS traffic. HTTPS 'sits higher' in the network stack, and therefore layer 2 cannot 'see into' the packet. It can, though, do things to the packet, such as change the physical machine address of who sent it or where it is going. But it definitely cannot decrypt the packet.
Also, will the hacker be able to DoS your internet connection?
An attacker could cause a denial of service to any service sitting publicly on the internet if they have enough bandwidth to overcome your ingress bandwidth. I do not see, though, that DoS is a concern within the context of your router being ARP spoofed.
Then what if, let's say, one of the devices using the VPN is
compromised? Will the hacker be able to use it to hack the rest of
your devices?
Yes, if the VPN is not segregated from the rest of the network via, say, a firewall and the other hosts do not have suitable host-based firewalls.
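The layering point made in the first reply above (layer 2 can change a frame's addresses but cannot read HTTPS content), as an added example that is not part of the original answer. The frame, the MAC and IP addresses and all function names are constructed for illustration; it lists what any host on the segment can read and shows that re-addressing the frame leaves the encrypted record untouched.

```python
import struct

def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)

def build_frame(dst_mac, src_mac, ciphertext):
    # Constructed Ethernet II / IPv4 / TCP frame carrying one TLS record.
    # Checksums are left at zero because nothing here validates them.
    tls = struct.pack("!BHH", 23, 0x0303, len(ciphertext)) + ciphertext
    tcp = struct.pack("!HHIIBBHHH", 50000, 443, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(tls), 0, 0,
                     64, 6, 0, bytes([192, 168, 1, 10]), bytes([203, 0, 113, 5]))
    return dst_mac + src_mac + struct.pack("!H", 0x0800) + ip + tcp + tls

def on_path_view(frame):
    # Everything a host on the same segment can read without any key.
    l3 = frame[14:]                          # Ethernet header is 14 bytes
    tcp = l3[(l3[0] & 0x0F) * 4:]            # skip IPv4 header (IHL words)
    tls = tcp[(tcp[12] >> 4) * 4:]           # skip TCP header (data offset)
    ctype, _version, length = struct.unpack("!BHH", tls[:5])
    return {
        "dst_mac": mac_str(frame[0:6]),
        "src_mac": mac_str(frame[6:12]),
        "src_ip": ".".join(map(str, l3[12:16])),
        "dst_ip": ".".join(map(str, l3[16:20])),
        "dst_port": struct.unpack("!H", tcp[2:4])[0],
        "tls_content_type": ctype,           # 23 = application_data
        "tls_record_len": length,
        "tls_body": tls[5:5 + length],       # opaque without the session keys
    }

def rewrite_l2(frame, new_dst_mac, new_src_mac):
    # The only fields layer 2 owns: the two addresses in the 14-byte header.
    return new_dst_mac + new_src_mac + frame[12:]

CLIENT = bytes.fromhex("021122334455")       # constructed, locally administered
GATEWAY = bytes.fromhex("0266778899aa")
OTHER = bytes.fromhex("02deadbeef01")
CIPHERTEXT = bytes(range(200, 232))          # stand-in for encrypted data

ORIGINAL = build_frame(GATEWAY, CLIENT, CIPHERTEXT)
READDRESSED = rewrite_l2(ORIGINAL, OTHER, CLIENT)

if __name__ == "__main__":
    for name, frame in (("original", ORIGINAL), ("re-addressed", READDRESSED)):
        print(name, on_path_view(frame))
```

The addresses, ports and record length remain readable metadata in both frames; only the record body is protected by the encryption.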