Google play services is a monolith, that does a plethora of stuff on the phone, including features like quick share, location services, various Firebase APIs for instant notifications stuff, find my device and whatnot, so I think the size is pretty reasonable.
MicroG requires signature spoofing, which Graphene deliberately does not support. It is more secure to run the real Play services in a sandbox that forces it to be a userland app than to run MicroG as a privileged system app with spoofing.