I was able to do what you want using
$text.replace('WORD3','new $_ text')
this gives the expected output
WORD1 WORD2 new $_ text WORD4
While this is technically possible, there's probably a better way to go about it.
And speaking of better ways to go about it, You could do this in a GPO with a few lines of code as a startup or shutdown script, which is how I handle this. With a few more lines of code you could log the results of checking for the presence of this thing and/or uninstalling it, which would undoubtedly be useful in your compliance efforts.
If a GPO-linked startup/shutdown script's not an option for whatever reason, I think I'd use PSExec to kill the process on a list of computers read in from file and then script the uninstall in an appropriate language. Seem to me that this is a lot easier in VB, for example.
a=WshShell.RegRead("HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\UninstallString")
If a<>"" Then
WshShell.Run(a&" /S"),1,True
i=i+1
end if
(Goodbye Google Toolbar, in that example which I wrote or copied a few years back. Copied, probably. I am rather lazy.)
Without debugging the PS script you copied, I'd point out that you might be running a different PS version, different PS modules installed/loaded and/or there might be some dependencies that your XP machines don't have in place that's causing problems.
Best Answer
Specifying correct type for password should be enough, try:
PowerShell will "mask" password (same as for read-host -asSecureString) and result type will be the one that other cmdlets may require.
EDIT: After recent comments: solution, that gives both option to provide plain text password, or force user to type password (but mask it same way Read-Host -AsSecureString would) and in both cases get [Security.SecureString] in the end. And, as a bonus, you get some fancy prompt for your secret password. ;)
I've used Jaykul's trick here to cheat with prompting for secure password. ;) It will make this parameter very hard to use in CLI mode (-Type your secret password won't work as expect), so it should force users of the script to either omit password (and get masked prompt) or specify it with -password parameter that accepts regular string and converts it to secure string inside script logic.