Yes, Xray does more than just making the traffic look like typical web traffic. It also makes the open VPN server port look exactly like a port serving a legitimate third-party site, with the proper TLS certificate and all. Put it on port 443, make it proxy something like samsung.com or whatever else your censors find inoffensive.
This protects the VPN node from being blocked after a port scan, and gives you plausible deniability: "Yes, I have visited this IP. Let's open it. Ah, I just wanted to look at the newest Samsung phone model."
This protects the VPN node from being blocked after a port scan, and gives you plausible deniability: "Yes, I have visited this IP. Let's open it. Ah, I just wanted to look at the newest Samsung phone model."