Can Qualys detect/report on instances of cleartext username and passwords in ini files using WAS?
No, because WAS can see only the content that is exposed via the HTTP layer, and ini files are not exposed in this way (unless there's a horrible web app vulnerability like directory traversal and/or local file include).
WAS performs its testing from the same perspective as a remote user with a web browser. It's an outside-in scanning approach.
You could try authenticated scanning via the OS or Cloud Agent and if you Policy Module setup you can look for this. Typically I look for any Clear Text Authentication and raise the severity on the OS Vulnerability side to a Severity 4 since I really don't approve of credentials of any kind in the clear.
Retrieving data ...