I don't trust hCraptcha - their main page has a "Try it out" thing, which embeds hCraptcha over Clownflare, which means BCMA will block the main page after the first load. So it's clear to me they support Clownflare in some way.

Actually, the Stop Cloudflare repository said it's all about money. You can see it on hCraptcha main page:

hCaptcha allows websites to make money serving this demand while blocking bots and other forms of abuse.

The "abuse", of course, will be e.g. users who use Tor and they happen to visit a Clownflared website.

Is that the only issue? Well, it also has the issue reCRAPTCHA has - the user is still forced to solve it, the only thing that changes is who gets your data to abuse it.