Thank you for the offer. Glad to know.

It was an emergency situation where I had to do a release yesterday to fix a bug so I called Sectigo support.

Basically if anyone has this situation, you just go back to the browser that you used to download the certificate (or perhaps login to your Sectigo account and download it again).
Then just re-export it. I thought the password was related to the certificate but it is only used to protect it once exported.
So when exporting it again, you can set a new password. I did that and exported to a new file with new password and VOILA could sign my code again.

I still wonder if there is a way to sign the program EXE file from SetupBuilder rather than having to do it in the BAT file before compiling the installer in SB.