As long as you certificate is valid the connection is encrypted.
if it were invalid the vpn wouldn work at all because it cannot use the cert for encryption then
untrusted just means it cannot be verified. This is something common for self signed certs because the other side then does not know the CA that signed that cert so cannot verify it. But it is still usable as it should.
So as long as the cert is valid your vpn runs and is encrpted.
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams