I ran into the same issue, it seems like it's still buggy there and I considered the same as you below (evaluate the properties within the workflow from the payload). Now I know I'd have to go the extra mile and just have the workflows trigger for every VM, instead of e.g. only Windows or only Linux VMs.
Quite ridiculous, considering that this is what the conditions basically have been designed for.