According to the source code, it seems you're right. But according to the OpenLDAP 2.4 admin guide
(http://www.openldap.org/doc/admin24/overlays.html#Password%20Policy%20Configuration),
it should be wrong, or at least, it doesn't look consistent to me since it mentions the following (when
pwdMustChange is set to FALSE):

The password does not need to be changed at the first bind or when the administrator has reset the password (pwdMustChange: FALSE)

So, from what I understand, if pwdMustChange is set to TRUE, the password needs to be changed at the first bind, or when the
administrator has reset it.

Also, the slapo-ppolicy man pages tends to mean the same thing:

pwdMustChange

       This attribute specifies whether users must change their passwords when
       they first bind to the directory after a password is set  or  reset  by
       the  administrator,  or	not.   If pwdMustChange has a value of "TRUE",
       users must change their passwords when they first bind to the directory
       after  a  password  is  set  or	reset  by  the administrator.