AES/cbc, like similar cyphers, works on blocks of a fixed size (16). To ensure the right length, padding is added to the last block using one of three main techniques, and that has to be known when decrypting:
Nulls. Nulls are added to the last block bring it up to the required length. After decryption, the nulls are stripped. This is likely the method being used by the online tool.
Nulls with count. Nulls are added with a count of the padding. For example, if the last block required 5 additional bytes, this padding would add 00 00 00 00 05.
PKCS. This is the most popular and adds the count repeated count times. In the example above, the padding would be 05 05 05 05 05.
Take a look at my M_Crypto module. It implements AES (among other things) and comes with a tool that will let you try different encryptions with various options. That should be able to tell you exactly what options Chilkat is using. (Or you can use the package instead for pure Xojo code.) Based on your post, I’d say Chilkat is doing it correctly, but you didn’t post the password you used so I cannot confirm directly.
Finally, I gave a talk on encryption at XDC, and that video is online. Although it relates to databases, it starts with an explainer of encryption terms.
I didn’t include CFB mode (although I could), so you’d have to use CBC, and including a hash of the plaintext is not recommended as it would allow someone to brute-force the plain text, bypassing the encryption entirely.
Otherwise, sure.
The project itself comes with examples of how to use it.