problem is that, if you want to receive X bytes, you need to store (in worst case) 2X bytes. Record is not decrypted if it's not fully received. There is an alloc/realloc mechanism inside.
Module has 64KB RAM to run everything, including filesystem (if any), TLS (if used), webserver (if clients are in), etc. Check "AT+S.STS=free_heap" after WIND:24.
Basically, using a standard SPWF01S FW, cannot receive all of this amount of data over TLS. Use HTTP1.1 header capability to ask for smaller chuncks (Content-Length / Content-Range). Ask for a customization to your ST distributor/reference.
Alternative option: move to SPWF04S
Retrieving data ...