The alert runs every 2 hr and if for two consecutive run some host has CPU> 90 then only an alert should be raised. With your condition, if within one 2hr period CPU> 90 for 2 time (2 15 min period) then the alert will go off, which is not desired, hence comparing two periods. Or other options can be tried, conforming to @linu1988 solution.

Value >90|bucket _time span=2h|stats count by _time | stats count |where count > 1

which ever may be the case. If you see the average CPU utilization is more that 90% more than a time then how is it difficult to calculate?

Value >90|bucket _time span=15m|stats count(Value) as count by host|where count > 1

Let's say the search is to scan a list of servers and it returns any server which cpu utilization higher than 90%. Therefore, the count is different for each run.

what do you mean by condition? Isn't same as the count of the event more than 1 in 4AM? It's pretty simple.

One dirty workaround could be to modify the search to run search for both the period ( if search runs at 10:00 AM then it should include result for 8:00 AM to 10:00 AM, again run for 6:00 AM to 8:00 AM) and compare count.
E.g.
search1 earliest=-2h@h latest=@h ..other terms | stats count as count1 | appendcols [search search2 earliest=-4h@h latest=-2h@h|..other terms | stats count as count2] | where count1>0 AND count2>0