Advanced Data Protection does not protect CloudKit keys which are not marked as “encrypted” by the developers (emphasis mine):
When you turn on Advanced Data Protection, third-party app data stored in iCloud Backup and CloudKit encrypted fields and assets are end-to-end encrypted.
(iCloud data security overview - Apple Support)
Now I’m no Apple developer, but my understanding here is that data has to be marked with the encryptedValues property to be end-to-end encrypted in CloudKit, and a cursory glance at 2FAS’ iOS code suggests that may not be the case. The GitHub Issue you linked seems to imply it is encrypted though, but the 2FAS contributor there also seems to confuse access controls with encryption a lot, so I’m not super convinced by just the statements there. I definitely want clarification on this.
Edit: Actually, even fields stored with encryptedValues are not E2EE when Advanced Data Protection is disabled. The first part I said still applies though: if 2FAS is not using encrypted fields in CloudKit in the first place, then even enabling Advanced Data Protection will not protect your data in this case.