the only reason for even considering a replacement for the hash algorithm (SHA-256) is if there were any security risk in using it. for example in the future maybe finding a collision for SHA-256 became as easy as finding a SHA-1 collision today. in which case the replacement should be to a different algorithm not the exact thing (ie. SHA-512).
lets not forget that if we change SHA-256 to SHA-512 we also have to probably change the elliptic curve to a 512 (or 521) bit curve. and that would hugely increase transaction sizes as both hashes and signatures would take twice the previous space.
There was a discussion here where change to SHA512 was suggested with only using the first 256 bits of the result. That way security would be increased while transaction sizes would not take more space. lets not forget that if we change SHA-256 to SHA-512 we also have to probably change the elliptic curve to a 512 (or 521) bit curve. and that would hugely increase transaction sizes as both hashes and signatures would take twice the previous space.
And if SHA512 would be slower, that would just be an added bonus
With 64bit CPU:s SHA512 would actually be faster to calculate than SHA256. That is if the modern CPUs didn't have dedicated instruction sets for speeding up calculating SHA256, which they do.
And I do not think we would have to change the elliptic curve if we just change the hash algorithm. We could, but they aren't really connected.