Hello @rohit goel !
Welcome to Microsoft QnA!
Let me elaborate on your Questions !
Domain user password change from home user PC connected to P2S?
Yes it can be possible but i would go with Radius
Is it possible to join a machine to the domain for the home user over P2S in the above scenario?
Yes you could be able to Domain Join , just make sure the DNS Records for Domain Join are in place and can be reached from the VPN
https://petri.com/an-active-directory-domain-controller-could-not-be-contacted/
Patching home users' machines through Intune (make them hybrid join)
Yes in fact you can start from this step and deploy the VPN from Intune
https://www.microcloud.nl/azure-vpn-point-to-site-part-2-2/
Applications hosted on Application servers in Azure IaaS will be accessible on P2S or do we need to do some extra configuration like Azure active directory Application Proxy?
Te same here , you can deploy Apps via Intune beforehand , and they will be accessible, of course you need correct routing and DNS as well
Remember Application Proxy is used mainly to avoid VPN and provide Access to External Clients , without Inbound Forwarding , as well as provide SSo and SAML \ Kerberos Authentication without VPN
https://learn.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy
https://learn.microsoft.com/en-us/azure/active-directory/app-proxy/what-is-application-proxy
I hope this helps!
Kindly mark the answer as Accepted and Upvote in case it helped!
Regards