The document has always been encrypted since I started using it (about 2 years ago) on this MacBook. I've always kept VoodooPad up to date, so all previous versions going back 2 years would have opened it on this Mac. Before that, I was using the document on another Mac going back to 2012.
The password is not in Keychain or anywhere else on my Mac.
Some further info. I store the document in my Dropbox folder for syncing. Today I created a new page in the encrypted document, and within seconds the page appeared (unencrypted) as a .vpspotlight file in Username/Library/Caches/Metadata/VoodooPad
It looks very much like Spotlight is able to see and cache the contents of open tabs in VoodooPad.