It works on my end without issues: https://i.imgur.com/wg4K3hz.png
I'm guessing you were able to resolve it by now?
I'm not an .htaccess expert, but this is what I have found: https://stackoverflow.com/questions/8978080/htaccess-exclude-one-url-from-basic-auth
The wp-admin/admin-ajax.php file should be accessible at all times, as it is the default WordPress ajax handler, and is used by the WordPress core as well for maintenance tasks. If you add that file to the exceptions, it should do the trick.
If you like my products, don't forget to rate them on codecanyon :)