Change Key exchange mechanism in IIS 8
First to specifically answer your question;
"How can i change that to DHE_RSA or ECDHE_RSA?"
The easiest solution to this is to download IIS Crypto and let it do the hard work for you.
IIS Crypto
In order to use DHE_RSA or ECDHE_RSA you'll need to re-order the cipher suite preferences in the bottom left pane of the IIS Crypto window. I currently set the following cipher suite as my highest preference;
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P521
You'll also want to set the ordering of the rest correctly and disable some of the entries. I would strongly suggest using the 'Best Practices' button as it will do of this for you. It will also disable the SSL3.0 protocol and below, and all encryption ciphers other than 3DES and AES 128/256. You need to be aware that by doing this you might cause compatibility issues with very old clients (think IE6 on XP and below). With most customer bases this shouldn't be an issue these days, but some parts of the world still use older software such as this.
The second part of my answer refers to your desire to remove the warning that the latest version of Chrome is showing;
Your connection to website is encrypted with obsolete cryptography
This is harder to achieve. Even after changing to ECDHE_RSA or DHE_RSA you will still see the warning. This is because Chrome is considering AES in CBC mode to be obsolete. The way to change this is to use AES in GCM mode instead, however in order to do that you will need to ensure you have first patched your server with the patch below. This patch introduced four new cipher suites, two of which will do what we need here.
Before I give you the link, this comes with a health warning. This patch was pulled by Microsoft in November due to a multitude of issues. I do not yet know whether it is now considered safe to use, or under what conditions. I have been trying to find out myself (see this SF question)
Use at your own risk!
The patch is KB2992611
Once installed you can now use IIS Crypto to put the following cipher suite at the top of the list;
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
Chrome will be happy with this. The only downside to this suite is that you lose the elliptic curve properties associated with ECDHE rather than DHE. This doesn't affect security, but does affect server and client performance during key exchange. You will need to evaluate whether this trade-off is worth it for your particular use case.
Finally, it is also possible to achieve this by using one of the cipher suites that combine AES GCM with ECDHE/ECDSA, e.g.
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P521
However this will only work if you have obtained an SSL certificate that uses ECDSA for generating your public/private key instead of RSA. These are still relatively rare (read: expensive), and may cause client compatibility issues. I have not experimented with this option myself and therefore can't talk with any authority on it.
Finally, finally (really, finally). After all of the above, I actually wouldn't worry about it. I am going to continue using AES CBC on my IIS boxes for the foreseeable future. Chrome only shows the aforementioned warning if the user chooses to click and look at the TLS details, there is no indication otherwise just from looking at the address bar symbology.
Hope that helps, and apologies for the essay! ;-)