Fixing Windows installs that don't receive updates to their trusted roots

Chrome should show the chain: Subscriber Certificate <- R3 <- ISRG Root X1 (Self-Signed), whether your server has a long or short chain. You shouldn't show the old DST Root CA X3 anyway, unless it can't find the ISRG Root X1 (Self-signed) certificate in the client store.


On the Windows client, in a certificate management console, did you verify that the ISRG Root X1 certificate is present in the "Third Party Root Certification Authorities" directory?
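
The same check can be scripted instead of clicked through. This is an added example, not part of the original post: it lists every copy of the two roots named above in the Root and AuthRoot stores (AuthRoot is the store the console shows as "Third-Party Root Certification Authorities"), and the variable names are its own.

```powershell
# Added example: look for the roots discussed in this thread in the
# Windows trust stores and report whether each copy is self-signed and current.
$names  = 'ISRG Root X1', 'DST Root CA X3'
$stores = 'Cert:\LocalMachine\Root', 'Cert:\LocalMachine\AuthRoot',
          'Cert:\CurrentUser\Root',  'Cert:\CurrentUser\AuthRoot'

$found = foreach ($store in $stores) {
    # A store that does not exist on this machine is skipped silently.
    Get-ChildItem -Path $store -ErrorAction SilentlyContinue |
        Where-Object { $names -contains $_.GetNameInfo('SimpleName', $false) } |
        ForEach-Object {
            [pscustomobject]@{
                Store      = $store
                Name       = $_.GetNameInfo('SimpleName', $false)
                # A cross-signed ISRG Root X1 has a different issuer, so it is
                # not the self-signed root the chain should end in.
                SelfSigned = ($_.Subject -eq $_.Issuer)
                NotAfter   = $_.NotAfter
                Expired    = ($_.NotAfter -lt (Get-Date))
                Thumbprint = $_.Thumbprint
            }
        }
}

$found | Sort-Object Name, Store | Format-Table -AutoSize

# The result that matters for the chain described above: a self-signed,
# unexpired ISRG Root X1 in one of the trusted root stores.
$isrg = $found | Where-Object {
    $_.Name -eq 'ISRG Root X1' -and $_.SelfSigned -and -not $_.Expired
}
if ($isrg) {
    Write-Output 'ISRG Root X1 (self-signed) is present in a trusted root store.'
} else {
    Write-Output 'ISRG Root X1 (self-signed) was not found in the Root or AuthRoot stores.'
}
```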