Some whould say they do pose a risk, however, whether they pose a risk or not is really driven by whether the certificates are in use or not.
Yes you can delete the certificate, but that will invalidate the certificate, again assuming it is in use. You need to keep the issued certificates in the certificate store until the certificate expires or is no longer in use.
Remember, if you delete the certificate and you find it was actually needed you would have to re-create (and issue) the certificate. If your concerned about needing the certificate in the future, you could back the certificate up to a .pfx file– but when you do be sure and backup the private and the public key so it can be restored in an operational state.
You would backup and delete the certificates with the Certificates snapin in the MMC and they type of certificate would determine whether it was in the “personal”, “Computer”, or “user” store.