After login through ssh, you are using the powershell terminal. You need to type cmd to use the cmd terminal. Then, you can apply where /r C:\ waldo.txt
After login in the target machine I used the following command on the cmd:
type (where.exe /R C:\Users\ waldo.txt)
It returned the flag
thank you for saying this I was suspecting something similar but you really helped me take that step.
This was it for me! This was the problem I had
Running anything without the Admin privileges got me
pattern issues and did not give all directories.
A classic IT mistake on my part 