In addition to having a .NET Standard library you also have an application (like a console application) or perhaps a test project. The platform for the application determines what specific assembly referenced by your .NET Standard library to load.

So your library references System.Security.Cryptography.Algorithms 4.3.0 however the actual version of the assembly to load for your platform may be 4.1.0 (that is the version you get on .NET Framework 4.6.1).

So you need to inform your application to redirect the desired version (4.3.0) to the actual version for your runtime (4.1.0). You can do that in the app.config file. Remember that this file is used by the application and not the library. Adding an app.config file to your library will not make a difference.

I tried to create a small project like the one you describe that in addition to a .NET Standard 1.4 library that references System.Security.Cryptography.Algorithms 4.3.0 has a NET Framework 4.62 console application and I had to include an app.config file with the following contents for this to work:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <startup>
    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.6.2" />
  </startup>

  <runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="System.Runtime" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-4.3.0.0" newVersion="4.1.1.0" />
      </dependentAssembly>
      <dependentAssembly>
        <assemblyIdentity name="System.Security.Cryptography.Algorithms" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
        <bindingRedirect oldVersion="0.0.0.0-4.3.0.0" newVersion="4.1.0.0" />
      </dependentAssembly>
    </assemblyBinding>
  </runtime>
</configuration>

Anecdotally, this seems to be less of a problem if you switch to .NET Standard 2.0.