If it is an email address at your own domain then it has nothing to do with the MS account since you control the DNS for the domain and can make sure it doesn't point at anything MS.
So I guess the address in your own domain was just used as a backup address in that MS account, and the address that worries you is something like
your.full.name@some.microsoft.domain. That's a real concern if whoever is trying to take over your account knows something about you, or about whoever you were corresponding with using that address, since using the same address with someone you already corresponded with can really look as if it is you.
Just using an email address with the full person's name is something a villain doesn't need an existing account to do. Anyone can open a new account on any free or paid service, with any available name, and if someone actually knows something about you like full name and address and phone number, something about what you're doing for a living or your personal life, then they can open an account somewhere with something that resembles your name, or even your full name, or they can register a domain name that sounds like something you might choose and use your full name at that domain, and then impersonate you and do things like create debt and leave it to you.
Anyway, if you you are getting notifications from MS about activity in that old account, then sometimes it has a link to report something like "that wasn't me", and there should be some password reset method.
But I guess you already tried this and it didn't work, so perhaps the only way is to try to get human support from MS.
Another thing to check is if the messages are really from MS and not some sort of phishing (trying to get people to enter the login info to their MS account into some phony website), though what you describe doen't sound like phishing, as it uses specific info such as an old backup email address.