Regarding the reasons for using NTLM authentication in a cluster environment, I have summarized the following points for your reference:
1. Failover clusters rely on Active Directory for inter-node communication and resource management. Ideally, the cluster should use Kerberos for secure authentication, but in some cases, it may fall back to NTLM.
2. If CSV or file shares use NTLM authentication, disabling NTLM will result in storage access failures. In this case, after disabling NTLM, issues arose with the CSV.
3. In addition, normally there might be no issues, but that’s only a possibility. As you mentioned in the case description, this problem occurred during password rotation and a CLIUSR issue.
Here’s the relevant document for your reference:
Security Settings for Failover Clustering | Microsoft Community Hub
So you're going against Microsoft Hardening guidelines?
NTLM authentication: What it is and why it’s risky
Active Directory Hardening Series – Part 1 – Disabling NTLMv1 | Microsoft Community Hub
Thank you for contacting Microsoft Support Service. My name is Frank Feng and I am the Support Professional engineer who will be working with you on this case.
Sorry for the late reply. As a result of our internal discussion and confirmation, we consulted the relevant senior engineers and the previous engineer for advice. We recommend the following:
Because the Hyper-V cluster relies on certain services and protocols for communication, disabling NTLM will cause communication failure, which will affect the high availability and normal operation of the cluster. In response to your question, we prefer to use NTLM rather than disable it.
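Before accepting or rejecting that recommendation, a defender would want evidence of whether the cluster nodes and their storage actually fall back to NTLM (points 1 and 2 of the first reply). The following is an added example, not part of the support exchange, that tallies NTLM versus Kerberos network logons per host from a constructed export of Security event 4624; the column names and sample rows are assumptions, and the CLIUSR entries simply mirror the account named in the case.

```python
"""Spot NTLM fallback on failover-cluster nodes from exported logon events.

Assumes a CSV export of Windows Security event 4624 with the columns used
below (constructed sample; real exports differ in column naming)."""
import csv
import io
from collections import defaultdict

# Constructed sample export: one successful logon (4624) per row.
SAMPLE_EXPORT = """\
TimeCreated,Computer,TargetUserName,AuthenticationPackageName,LogonType,WorkstationName
2024-05-01T08:00:01,NODE1,CLIUSR,NTLM,3,NODE2
2024-05-01T08:00:02,NODE1,svc-hyperv,Kerberos,3,NODE2
2024-05-01T08:00:03,NODE2,CLIUSR,NTLM,3,NODE1
2024-05-01T08:00:04,NODE2,NODE1$,Kerberos,3,NODE1
2024-05-01T08:00:05,FS01,NODE1$,NTLM,3,NODE1
2024-05-01T08:00:06,FS01,NODE2$,Kerberos,3,NODE2
2024-05-01T08:00:07,NODE1,admin,NTLM,2,NODE1
"""

def ntlm_summary(export_text):
    """Return {computer: {"ntlm": n, "kerberos": n, "ntlm_accounts": set}}.

    Only network logons (LogonType 3) are counted, because that is the
    logon type cluster-to-cluster and file-share/CSV traffic produces."""
    summary = defaultdict(lambda: {"ntlm": 0, "kerberos": 0, "ntlm_accounts": set()})
    for row in csv.DictReader(io.StringIO(export_text)):
        if row["LogonType"] != "3":
            continue
        entry = summary[row["Computer"]]
        if row["AuthenticationPackageName"] == "NTLM":
            entry["ntlm"] += 1
            entry["ntlm_accounts"].add(row["TargetUserName"])
        elif row["AuthenticationPackageName"] == "Kerberos":
            entry["kerberos"] += 1
    return dict(summary)

def hosts_needing_ntlm(export_text):
    """Hosts that would lose at least one network logon if NTLM were blocked."""
    return sorted(h for h, e in ntlm_summary(export_text).items() if e["ntlm"] > 0)

if __name__ == "__main__":
    for host, entry in ntlm_summary(SAMPLE_EXPORT).items():
        print(host, entry["ntlm"], "NTLM /", entry["kerberos"], "Kerberos",
              "via", sorted(entry["ntlm_accounts"]))
```

Running this against a real export after enabling NTLM auditing gives the list of hosts and accounts that would break under an NTLM block, which is the information missing from both sides of the exchange above.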