I found that this was related to the SMWebDAVModule
If you disable the module / remove it from web.config then you'll be able to generated that .well-known and finish the challenge.
I decided to write a script that switches between 2 instances on IIS. The script stops an IIS instance of "SmarterMail" and starts the “SMRenewal" instance. Both have the same bindings. It then runs the letsencrypt --renew script that will add the necessary encrypted files that can then be queried over port 80 from letsencrypts server. After authenticating the files, the instance "SMRenewal" is stopped and "SmarterMail" is started again. It does take down the mail server but only for about 30 seconds.
Hope this helps.