encryption – is this a good practice for storing private keys?

I’m working on a centralized exchange for cryptocurrencies. The approach that I’m taking, for some reasons, is to create an account (private key) per user. Now my problem is how to safely store private keys on the server. Since I’m using a VPS, it’s not possible to use an HSM or any other hardware solution.
Now the approach I’m taking is this. For each user, when he creates his account, I’m gonna generate a private key and encrypt that private key using his password. Now if some user wants to transfer cryptocurrency from his inside-platform account to his external account, in addition to his external account address, he also has to provide his password, and I’m gonna use his password to decrypt his private key and sign the transaction using it.
Now even if my database is compromised, the attacker can’t use the private keys since they are encrypted, and he can’t use the password to decrypt them since passwords are hashed.
Now I wanna know: is there any problem with this approach that I don’t see?
Thanks in advance.
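
The scheme described in the question, as an added example that is not part of the original post: a per-user private key wrapped under a key derived from the password, here with scrypt and AES-256-GCM from Node.js built-in crypto. The function names, record layout and scrypt parameters are assumptions; the question names no KDF or cipher.

```javascript
// Added example: password-based wrapping of a per-user private key (Node.js built-ins only).
const { scryptSync, randomBytes, createCipheriv, createDecipheriv } = require('node:crypto');

// scrypt cost parameters (assumed values; tune to the server's CPU and memory budget).
const KDF = { N: 1 << 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };

// Derive a 256-bit key-encryption key from the password and a per-record salt.
function deriveKek(password, salt) {
  return scryptSync(Buffer.from(password, 'utf8'), salt, 32, KDF);
}

// Encrypt the private key; the returned record is what would be stored in the database.
function wrapPrivateKey(privateKey, password, userId) {
  const salt = randomBytes(16);
  const nonce = randomBytes(12);
  const cipher = createCipheriv('aes-256-gcm', deriveKek(password, salt), nonce);
  cipher.setAAD(Buffer.from(userId, 'utf8')); // binds the record to one account
  const ct = Buffer.concat([cipher.update(privateKey), cipher.final()]);
  return { userId, salt, nonce, ct, tag: cipher.getAuthTag() };
}

// Decrypt for signing; throws if the password, user id or stored bytes do not match.
function unwrapPrivateKey(record, password) {
  const kek = deriveKek(password, record.salt);
  const decipher = createDecipheriv('aes-256-gcm', kek, record.nonce);
  decipher.setAAD(Buffer.from(record.userId, 'utf8'));
  decipher.setAuthTag(record.tag);
  return Buffer.concat([decipher.update(record.ct), decipher.final()]);
}

// A password change must re-wrap the key: a record only opens with the
// password it was wrapped under.
function rewrap(record, oldPassword, newPassword) {
  const key = unwrapPrivateKey(record, oldPassword);
  try {
    return wrapPrivateKey(key, newPassword, record.userId);
  } finally {
    key.fill(0); // clear the plaintext copy held in memory
  }
}

// Returns true when unwrapping succeeds, false when the GCM tag check fails.
function canUnwrap(record, password) {
  try { unwrapPrivateKey(record, password).fill(0); return true; } catch { return false; }
}
```

The key-derivation salt in this record is generated per wrapped key and is independent of whatever salt the login password hash uses, so the value stored for login is never the decryption key.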