Acho que usar o PowerShell pode ser o caminho a percorrer.
$srcStoreScope = "CurrentUser"
$srcStoreName = "CA"
$srcStore = New-Object System.Security.Cryptography.X509Certificates.X509Store $srcStoreName, $srcStoreScope
$srcStore.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadOnly)
$cert = $srcStore.certificates -match "sometext"
$dstStoreScope = "LocalMachine"
$dstStoreName = "root"
$dstStore = New-Object System.Security.Cryptography.X509Certificates.X509Store $dstStoreName, $dstStoreScope
$dstStore.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)
$dstStore.Add($cert[0])
$srcStore.Close
$dstStore.Close
#Write-Output $cert