If your VM is a Gen2 VM, you may add a vTPM to it and enable Bitlocker inside the VM, which would, in addition to encrypting the Host, be the safest option.
Best practice has always been "encrypt all partitions". So at least the host OS should be encrypted and also the VM storage of the host.
Now how will you encrypt the host? Usually, you will use Bitlocker without preboot authentification, so the host may reboot hands-free after nightly automated updates or OS crashes. Imagine you had to enter a PIN each time you wanted to reboot the host - for most people, this is unthinkable.
So without preboot authentification, you will rely on a TPM protector only and that means, the encryption key will reside inside RAM after booting and can potentially be read by technically versatile attackers that have physical access to the server ("cold-boot-attack" / "DMA-attack").
Encrypting the VM in addition will make it very hard to get to it from an attackers perspective, even with physical access. Please see if you find any information on successful attacks on a virtual TPM / the virtual RAM of a VM - I have not yet seen any.
Read this for a start on how to add a vTPM: https://charbelnemnom.com/how-to-enable-virtual-tpm-vtpm-in-windows-server-2016-hyper-v-vm-hyperv-ws2016/