Hi @pradeipk, and welcome to the LE community forum
The first step is to choose an ACME client that works within your environment.
To that end:
If Internet HTTP [port 80] requests can't reach [nor can be made to reach] your Windows system, then you may be limited to DNS-01 authentication.
[hopefully HTTP can be made to reach it]
If so, you can use any Windows ACME client and run it in standalone mode to obtain the cert locally.
If not, and seeing as the domain is what it is, you may run into a bit of trouble trying to add TXT records in that DNS zone to validate the DNS-01 challenge.
So...
The (first) first step (to complete certificate automation) is to ensure that the HTTP challenge requests can reach your server.
Listen closely:
You can use the cert for whatever you want.
The "client" I speak of is the ACME client.
[the one the gets and renews the certs for you]
Also, if the cert must be a wildcard, then you will be required to use DNS-01 authentication.
OR, since you've updated the "domain" to:
If the "local PC" can't be made to be reached via HTTP over the Internet OR it requires a wildcard cert, then:
You must obtain said cert via DNS-01 authentication.
Acquiring a certificate and using it are two different things. You can use a domain validated certificate for anything with a fully qualified domain name (e.g. opcua.yourdomain.com) it doesn't have to be a website or a web server. Your service will have instructions on how to apply the certificate once you have it.
For ACME (Let's Encrypt) certificates you will likely need to use DNS validation to order your certificate as your host name will not correspond to a public web server.