You have encrypted items in the source mail file. I recommend using CMT Add on Tools to run a verify on this user's mail file and configure it to search for encrypted items. If any are found, send the "decrypt encrypted items" email to the user and have them run it to decrypt their email.
CMTu does not automatically remove encryption during a migration. This can only be done with the ID that has rights to read the encrypted email. Each Lotus Notes mailbox must be scrubbed before the migration using the CMTu Add on Tools database which is included with your download. It is in the CMTu install directory <C:\Program Files\CMT Universal\Notes Tools\CMTtools.nsf.
In order to migrate email that is encrypted, it has to be de-crypted prior to migration. This function is handled in the same way as having a user sync their contacts or copy an archive to a Domino server. You send them an email with a button from CMT add-on tools. The one you want is Migration Message - Decrypt Encrypted Items. This will send them an agent run by a button in their Notes client that will de-crypt all encrypted emails that it finds. To find if a user requires this agent, you can have CMT add-on tools check for encrypted mail when you verify the user's mail db. The option is on the first page of the settings:
The users view in CMT add-on tools will show how many, if any, encrypted items were found:
This example shows a user who has a 239MB mail file and no encrypted items.