What is "password strength"? In most people's minds, it's the difficulty factor malicious actors would have when they are trying to guess your password. Password strength meters generally answer a slightly different question: how many iterations would it take someone to guess your password if they were guessing every possible character combination in order starting with 'A' through 'z', then 'AA' through 'zz' and so on, a technique known as brute forcing.
What's the difference? Those two things aren't the same because you don't know how fast the bad guys are guessing nor what technique they're using to guess. "Your password would take 1 year to guess" is utterly meaningless without context. How fast they're guessing is usually dependent on the method the server used to store passwords because the most common time they're guessing passwords is when they've hacked a site and downloaded the database of user info. If the hacked server was storing passwords in plaintext, then bad guys can figure it out regardless of your password "strength". Commonly, servers won't store passwords directly and will instead store the output of one way functions like MD5 and SHA. At that point the bad guys can't take the output and figure out the input; they have to guess the input and run it through the function to see if the outputs match. Modern password cracking software can leverage GPUs and make billions of guesses every second, and if you see a site that calculates "years to crack your password" it's generally assuming this scenario with bad guys who are brute forcing their guessing. Sites with better security, like updated versions of Wordpress, will use these functions on the password and then use them again on the output and again and again, so that it may take a few milliseconds extra for the server to log you in but the bad guys will only be able to guess thousands of passwords a second in these sorts of attacks.
And what if they're not brute forcing? A password of "passwordpasswordpasswordpasswordpassword" would take a very long time if bad guys were guessing every single letter combination, but if they were using a modern password cracking tool they'd be able to guess concatenations of words from their dictionary and would probably be able to guess that one a lot faster than "ogNeTJeB6w5YhRsy972c". I haven't seen a password strength meter that actually uses a good dictionary of leaked passwords, yet that's exactly what your password will be up against if a site you've registered with gets compromised.
None of that background directly answers your question, but I think it's necessary to understand in order to answer whether or not a password with those 4 characteristics is "strong". The answer is somewhere between "it depends" and "it doesn't matter". If a vulnerability in your site has allowed a malicious actor to download your list of hashed passwords, whether there's a special character in your admin password isn't actually all that important. But if your 50 character password with high ASCII characters is the same password you use on every site, and you've registered on a site that stores passwords in plaintext, and that site gets hacked, your password strength (by our first definition) has just become very weak. And if you're asking this question, my guess is that you are reusing your password and you're worried that this password you've used all over the internet might not be as great as other password strength meters have led you to believe. That habit is really what's making your password "weak", not whether it contains capital letters.
I gave a TEDx talk on this last year, which I'd recommend watching if you want the 14 minute version of this post. If you want "strong" passwords, use password management software like KeePass, LastPass, or OnePassword to have a different password on every site, and lock your database with a Diceware password.
