Which tool can open encrypted DB

I don’t think so. Probably anyone with Duplicati who gets your database can open it with theirs, using --unencrypted-database (just as you could – and it’s not tied specifically to a secret only YOU know).

Clear text password stored in Duplicati-server.sqlite gets into the specifics:

Yes, that was the idea with the RC4 encryption. It is not strong, and has a known password, but at least you cannot do string scanning on the harddisk to find the contents.

For good encryption on database backups, Duplicati itself can do that, but orchestration is important, because backing up the database of currently running backups risks locking and consistency trouble.