If you ever need to know how to remove all certificates from with a specific issuer, here's a great way to do it.

## This can be a remote PC name as well
$pc = '.'
$cert_store = 'My'

$store = New-Object system.security.cryptography.X509Certificates.X509Store ("\$pcMy"),'LocalMachine' #LocalMachine could also be LocalUser
## Find all certs that have an Issuer of my old CA
$certs = $store.Certificates | ? {$_.Issuer -eq 'CN=HOST.DOMAIN.COM, DC=DOMAIN, DC=EXT'}
## Remove all the certs it finds
$certs | % {$store.Remove($_)}