Unique value validation isn't complex enough to cover your scenario, so you are doing the right thing by using a custom Recordset. I think you can use something like:
<?php
$rsPWHistory = new WA_MySQLi_RS("rsPWHistory",$Composite,10);
$rsPWHistory->setQuery("SELECT * FROM (SELECT * FROM pw_history WHERE pw_history.UserID = ? ORDER BY HistoryID DESC) AS Last10 WHERE Last10.user_pass = ?");
$rsPWHistory->bindParam("d", "".$_SESSION['SecurityAssist_ID'] ."", "-1"); //ParamID
$rsPWHistory->bindParam("d", "".(isset($_POST["User_Update_group_2_Password"])?WA_SHA1Encryption($_POST["User_Update_group_2_Password"]):"") ."", "-1"); //ParamPass
$rsPWHistory->execute();
?>
Then your validation can just be number validation that the value of: $rsPWHistory->TotalRows is < 1