I forgot to say you would may need to restart the Certify background service after making the http challenge server port change.
Even if the challenge response server fails to start the IIS fallback should be working. Does your entire public website for that domain run on port 83 or do you forward http port 80 to port 83 on that server?
Let’s Encrypt will validate your domain by making a request to http://yourdomain/.well-known/acme-challenge and it will not try any other ports. If you are forwarding port 80 externally to port 83 internally that’s ok, but if not then it won’t work and you’ll need to switch to using DNS validation.