Further to the disaster: Changing the Avast setup in Control Panel and removing Web Protection and Browser Protection, then disabling the Avast certificate (unfortunately Windows gives no GUI dialog to "distrust/remove") in IE11, and also removing it from K-Meleon--I had imported it to see if it would work--returned me to the prime cause of my troubles.
What Avast did by injecting a certificate onto a hopelessly insecure website was to ensure that IE (any version) would compound the sins by successfully loading it.
With the Avast certificate disabled, I get a message in IE11:
This page can’t be displayed
Turn on SSL 3.0, TLS 1.0, TLS 1.1 and TLS 1.2 in Advanced settings and try connecting to https://ecm3.fxdms.net again.
Using the handy-dandy fixit supplied on the error page, I disabled TLS totally, and enabled SSL3. Instant success!.
It seems I have very unfairly maligned IE. I will not say "sorry", but I will state unequivocally that Avasts behaviour led me to justifiably make the statements, by hiding the facts of an insecure website. The methods used by Avast add nothing to internet security, but reduce the chances of surfing safely by presenting insecure sites as up-to-date. There can be no justification for modifying someone else's certificate. The only good thing to come out of this was Avast's inability to add its certificate to K-Meleon and Opera, so I could see the danger signs, the red flashing lights.
Devs: Avast is very good at its core responsibility, finding and telling us about infected files, "anti-virus". I see no reason to abandon a quality product. But don't stray from your field of expertise. Skills acquisition is good and laudable--but make sure you understand all the nuances before you publish. At this stage, you don't.
Gordon.