The Windows Player definitely connects to an SNI-enabled host, so that isn’t the issue.
I think it’s far more likely to be AWS denying TLS 1.0 connections. Windows by default doesn’t offer TLS 1.2 even though it’s quite capable of doing it.
Try enabling that, and I think you’ll find that will solve it: