I know it's been a while since you asked this question, however I found this post while searching for answers to issues I'm having with AI Protect. Thought I'd clear a few things up:
1. AIProtect does not rely on DNS or provide what I will call "hash signature relay" (I don't recall the exact word) or for DNS blocklists--it's for the most part locally processed. What I mean by "hash signature relay" is that a UTM device (or malware protection on a PC/server/smartphone) will make a "hash signature" of files as they come in and then send them to the vendor's central repository to compare against other known hash signatures. If the signature indicates that the file was associated with a previous compromise, it will then block it or send a warning. AIProtect does not offer anything as far as I've seen that uses "hash signature relay". As far as DNS use with AIProtect, it would only be one point of data to compare vs a UTM signature (likely web filtering or IDS/IPS) to indicate if a certain domain or IP address is linked with events of known compromise, if no other piece of data confirmed this the connection would be allowed to proceed as if there's no problem.
2. My assumption for AIProtect signature updates, which don't seem to update weekly sometimes, is that the router's signatures are only those of the most common threats/viruses for the past X years or so. There may be a base set of signatures for viruses that are still prevalent that could go back decades, but it does not include every known virus. I would expect that when the router checks for system updates it also checks for Trend signature updates.
3. I can confirm that AIProtect has worked for me in the past. The Eicar and Wicar test are 2 of the best ways to confirm this. There is also a downloadable script available somewhere I've found in the past that will test your IPS/IDS by creating traffic that will trigger the IDS, you'd have to google it or it may be available inside a Kali Linux distro..... I know the IPS portion works as my son while playing video games downloaded a cryptominer bot and AIProtect shut it down. However, the protection is likely not as good as what you would find on a bloated commercial system. I've also had some websites blocked. When it blocks websites you'll get an Asus page with a Trend Micro logo.
It would be nice if some of these things were better documented on the Asus site. I know Trend makes some sensor devices designed for home networks, which likely use AIProtect--I've never used one. I do respect Trend Micro as an A/V/security vendor, I've used their products in businesses I work with for 20+ years and it's been about as solid as I've seen. The good thing about these routers is you can provide multiple layers of protection (through different mechanisms and various entities) with the router alone, without installing Merlin. If you install Merlin then you have additional layers of security from the community here through things like Skynet & Diversion.