Thank you for posting in Microsoft Q&A forum.
Check if this discovery script helps:
#Check for EnableCertPaddingCheck
$a = (get-itemproperty -Path "HKLM:Software\Microsoft\Windows\Cryptography\Wintrust\Config" -name "EnableCertPaddingCheck" -ErrorAction SilentlyContinue)
$b = (get-itemproperty -Path "HKLM:Software\Wow6432Node\Microsoft\Cryptography\Wintrust\Config" -name "EnableCertPaddingCheck" -ErrorAction SilentlyContinue)
if ($a -eq $null) and ($b -eq $null)
{Write-Host 'Compliant'}
Else
{Write-Host 'Non-Compliant'}
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.