You’re using, sort of, the “wrong” intermediate certificate:
i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
i:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
ISRG Root X1 is indeed the root certificate of Let’s Encrypt itself, it’s currently not present in all root certificate stores. Some, like Mozilla (and apparently Chrome too), do have it included (only recently), but others like Android or Internet Explorer don’t.
Therefore, Let’s Encrypt has cross-signed their intermediate certificates with the
DST Root CA X3 (IdenTrust) certificate. That root certificate is present in mostly all root certificate stores.
You can read more about the cross-signing here: https://letsencrypt.org/certificates/
To mitigate your current problem, you’ll need to send the following intermediate (see site above): “Let’s Encrypt Authority X3 (IdenTrust cross-signed)”.
How to do that on IIS? That, I don’t know…