HI
You can write search like below.
can you please try it? Please update replace fields with the original field name.

YOUR EXISTING SEARCH 
| stats sum(PropetiesElapsedMilliseconds) as PropetiesElapsedMilliseconds by Properties.Http-RequestId, Properties.MII_ServiceType
| rename Properties.Http-RequestId as Properties_Http_RequestId, Properties.MII_ServiceType as Properties_MII_ServiceType
| stats sum(eval(if(Properties_MII_ServiceType="MES",PropetiesElapsedMilliseconds,0))) as MES,
sum(eval(if(Properties_MII_ServiceType="EWM",PropetiesElapsedMilliseconds,0))) as EWM  
by Properties_Http_RequestId
| eval Total = MES - EWM
| table Properties_Http_RequestId MES EWM Total 

I hope this will help you.

Thanks