Yes. All they'd have to do is grab a list of the entry guards, which are public, and see if you are connecting to any of those IP addreses. The Tails devs are against VPNs. You can search tails.boum.org and you'll find threads about it. It's also hard to get OpenVPN running on the same machine as Tor, because of the way it changes the networking settings. Plus you would have to reinstall it each time. If you wan to hide your Tor use, an easier way is to use bridges, but honestly if you're a buyer, nobody cares enough about you to be watching your internet connection. It is, but it's a false alarm. It happens when you start on an https connection and switch to http, like when accessing hidden services. Your connection to a hidden service is encrypted end to end, so you don't have to worry about that. You can disable the warning.