The only difference is venv creates link to python, it does not copy binary itself. You now have python3 -> /usr/local/bin/python3 in your venv.
Since /usr/local/ has wxallowed by default (see your /etc/fstab) it works. Does it affect security? In theory -- yes, because python can now create WX pages. One may say that it sounds paranoic, and in fact it is, but OpenBSD is _paranoic_ about security. That is why it has W^X. They left wxallowed for /usr/local because there are a lot of software in ports, written by less "secure paranoics" than openbsd developers, and this software needs WX. Some python packages are good examples. Python port maintainer added wxneeded to python because of these packages. But if you do not use any of these packages, you can disable wxneeded removing any (theoretical) threat that may use WX. That will make python more secure and (as side-effect) fix virtualenv problems. It is less important for developer laptop, but if you can improve security, why not? You will not create "big security hole" with your current approach. You will not create it even by adding wxallowed to /home. So, it is not a critical issue. But I feel that decreasing security by running wxneeded app with out of good reason(if you do not need these packages of course) is not "OpenBSD way":)
