Take a look at this: https://tools.ietf.org/search/rfc2254

   If a value should contain any of the following characters

           Character       ASCII value
           ---------------------------
           *               0x2a
           (               0x28
           )               0x29
           \               0x5c
           NUL             0x00

   the character must be encoded as the backslash '\' character (ASCII
   0x5c) followed by the two hexadecimal digits representing the ASCII
   value of the encoded character. The case of the two hexadecimal
   digits is not significant.

   This simple escaping mechanism eliminates filter-parsing ambiguities
   and allows any filter that can be represented in LDAP to be
   represented as a NUL-terminated string. Other characters besides the
   ones listed above may be escaped using this mechanism, for example,
   non-printing characters.

Specifically this:

Other characters besides the ones listed above may be escaped using this mechanism, for example, non-printing characters.

Therefore I would try the following. Please let me know if works as I don't have a test lab to verify:

| ldapfilter domain=DIR search="(\7c(sAMAccountName=$User$)(objectSid=$SID$))" attrs="cn,objectSid"