In case anyone is still trying to catch this error, here's what I changed...
In wheels/events/onerror.cfm, I replaced:
local.rv &= $includeAndReturnOutput(
$template = "wheels/events/onerror/wheelserror.cfm",
wheelsError = local.wheelsError
);
with the following to change the path to my onerror.cfm for only this particular error:
local.authtokenerrorpath = "wheels/events/onerror/wheelserror.cfm";
if ( arguments.exception.rootCause.type == "Wheels.InvalidAuthenticityToken" ) local.authtokenerrorpath = "/events/onerror.cfm";
local.rv &= $includeAndReturnOutput(
$template = local.authtokenerrorpath,
wheelsError = local.wheelsError
);
I hate editing core files directly, but this was a pretty visible error for my users. Seems like this error should be visible in the local onerror.cfm event.