Cert trust has *nothing* to do with Active Directory, domains, forests, or trusts. Systems trust a cert and the CA that issued that cert because they have that CA's cert in the trusted root store.
AD helps facilitate the distribution of the root CAs cert so that clients within a specific domain trust a CA and with an enterprise CA, this is done for automatically, but there's no reason that you couldn't do this manually using group policy also -- the results are *exactly* the same.
The only caveat here is that at least one of the CDPs for the PKI must be available to the clients in the other domain/forest. This last part may already be set up or maybe not. If not, it will cause you pain though. You should get a PKI smart person involved
ASAP though to verify this.