and client replies with the certificate
*** Certificate chain chain  = [ [ Version: V3 Subject: CN=instance Signature Algorithm: SHA256withRSA, OID = 1.2.840.113522.214.171.124 ....
and server trusts it
*** Found trusted certificate:
That shows that your client is still sending the certificate so we should focus on this.
I unfortunately have no other ideas about winSSL/schannel and why it automatically picks up the certificate, or how you'd stop it from doing so.