I have a few Windows 10 enterprise workstations (not servers) that we use RDP on.  Running a Nessus scan on these machines shows some medium to high cryptography vulnerabilities (Deprecated TLS and weak cipher suites, vulnerable to sweet 32) on port 3389 for RDP.   

My research tells me that one way to remediate this is to use the IIS Crypto tool.  This tool was made for windows server, but can I still use it on workstations? Or is there another way I should do this?