CanonicalName is a calculated attribute (constructed attribute), such attributes are not stored explicitly in AD, but are calculated on the fly when appropriate requests are received. Accordingly, they cannot be directly used in filters and queries.
Your request should look something like this:
Get-ADUser -Filter "(saMAccountName -notlike '*off_user*') -or (saMAccountName -notlike '*service*')" -Properties CN,CanonicalName | where{$_.distinguishedname -notmatch "exOU1|exOU2|exOU3"} | ft CN,CanonicalName -auto