Plesk server was secured with a Let's Encrypt certificate via Tools & Settings > SSL/TLS Certificates > + Let's Encrypt button
The FTP site in IIS is still using the default self-signed certificate, as can be seen in Internet Information Services (IIS) Manager > Sites > server's IP address > FTP SSL Settings:
This is expected behavior. Plesk does not secure FTP sites on Windows.
Installing Let's Encrypt certificate for FTP sites is yet to be implemented in Plesk.
Take part in our product improvement and vote for this feature on Plesk UserVoice.
The top-ranked suggestions are likely to be included in the next versions of Plesk.
As a workaround, it is possible to manually assign a certificate to the FTP site:
Navigate to Tools & Settings > IP Addresses and select the Plesk server's IP
Select a certificate from the dropdown list in SSL/TLS certificate section:
Warning: the certificate for FTP site will not be auto-renewed, it should be renewed manually