mount time (time of last mounting of partition) is a pretty good guess.
Maybe mount option in /etc/fstab noatime for /boot (and generally?) would help?
Maybe there is a kernel boot parameter similar to noatime that we could set?
Ideally in live mode mount times shouldn’t be recorded. It’s not a critical issue but for simplicity of dd whole encrypted disk and compare it would be much more handy if this issue wouldn’t exist.
Non-Qubes-Whonix (and Kicksecure) VM images do not have a separate /boot partition. Could could test the same there. I don’t see why grub-live in VMs should be for the purposes of tracking disk persistence issues would be much different than a real host. (Except for separate vs non-separate /boot partition.) Therefore it might be (more) comfortable to test using VMs.
If all files in /boot have the same checksums, what might have changed are file creation dates. (And much less likely: linux user permissions.)