This because their checkout are just Windows PC with what I guess is some big wigs' nephew's VB/C# app running?
It's not just the wastefulness of the overly large software stack, and the massively overblown hardware requirements that adds, it's the size of the attack surface. Oh and lack of control of a closed platform.
What a grown up would have done is a tiny Linux thing that ran nothing but what was required and locked down. Made with Buildroot or Yocto. Running on some low power ARM thing.
I'm guess they have got some Windows infection.