Sure group 5 is theoretically more secure but I have not seen it actually being used in the VPNs I've worked with. Simply by using AES-256 uniformly you will be ahead of most folks.
Usually there are so many other less secure aspects of networks that the DH Group would be waaaaaay down on my list of things to improve upon.
However if all your site-site VPNs are under your exclusive configuration control, have at it by setting DH Group 5 at all sites.
Caveats - you will need to be running a high crypto image (K2 or K9) and please be aware of bug "CSCtg97145 - Interface overruns upon IPSEC rekey with PFS and DH5" (applies to ASA 8.0(4) and 8.2(2)).