This is the root cause of the failure. Certes (the library used for the ACME conversation and certificate download) needs the root certificate to already be known in order to build the final certificate (as a PFX) and old versions won't know ISRG Root X1, some apps that use Certes also look to the local machine certificate store (Trusted Root Certification Authorities), some don't.
This showed up because Let's Encrypt accidentally started serving the newer chain by default, which uses ISRG Root X1 as the root. Shortening the Let's Encrypt Chain of Trust - #2 by aarongable and it has gone away because they fixed that, but your software will fail to renew when they make that change permanent.
TSPlus could optionally use our Anvil fork of Certes if they like, it's primarily used by Certify The Web (which I develop): GitHub - webprofusion/anvil: A client implementation for the Automated Certificate Management Environment (ACME) protocol - it can build the PFX for any root rather than only using known ones. It's also actively maintained and has hundreds of thousands of users.