in reply to: Password protected Siemens S7-200 #1805
jelferink (Participant)

I’m not sure if there is a standard way of uploading the program without the password. I don’t know about one and I couldn’t really find anything about it either.
What I did find after a quick Google search are some hacky ways of obtaining the program.

1:
The S7-200 contains a security vulnerability (https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-11-186-01 & https://www.wired.com/2011/08/siemens-hardcoded-password/).
In short, if you have another S7-200 you could try to sniff the authentication packet with, for example, Wireshark. Once you have sniffed the packet, you should be able to replay it to the PLC inside the machine. This way you can send a command to disable the password protection, which should allow you to upload the program to your computer.
I’m not 100% sure if it will work; maybe the PLC inside the machine has received a patch to protect it against this vulnerability.

2:
Another option would be to desolder the memory IC, I guess. After you have desoldered it, you could try reading it out with a microcontroller of some sort, perhaps. When you have dumped its memory contents, there is supposed to be a way of finding the password in there, which then allows you to read the rest of the memory.

For both of these options I’d recommend you try it with another PLC first, because you might mess up (or even kill) the PLC in the process.
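The replay approach in option 1 works only because the authentication frame is static: the same bytes unlock the PLC every time, so a capture from one session is enough to authenticate later from any host. The flip side is that a replay is easy to spot on the wire. The script below is an added example, not part of the forum post or of any Siemens tooling: it walks a list of captured frames and flags any payload to the PLC that was first sent by one host and later repeated byte-for-byte by a different host. The frames, IP addresses and payload bytes are constructed placeholders (they are not real S7 frames), and the port number 102 is an assumption for ISO-TSAP over TCP; adjust it to whatever your own capture shows.

```python
"""Flag replayed authentication frames in a packet capture.

Added example (not from the forum post). A static authentication frame that
unlocks the PLC can be replayed by anyone who sniffed it; a defender can
therefore alert whenever a PLC-bound payload is repeated verbatim by a host
other than the one that sent it first. All frames below are constructed
placeholders, not genuine S7 protocol bytes.
"""
from collections import namedtuple

# Assumption: ISO-TSAP port used for S7 over TCP. Use the port from your capture.
PLC_PORT = 102

# ts: capture time in seconds, src/dst: IPv4 strings, payload: application bytes
Frame = namedtuple("Frame", "ts src dst dport payload")


def find_replays(frames, plc_ip, plc_port=PLC_PORT, min_len=8):
    """Return a list of (ts, replaying_src, original_src, payload).

    A frame is reported when its payload bytes were already sent to the PLC
    earlier by a different source host. Short frames (keepalives, ACK-only
    data) are ignored via min_len to keep noise down.
    """
    first_seen = {}   # payload bytes -> (ts, src) of the first sender
    hits = []
    for f in sorted(frames, key=lambda fr: fr.ts):
        if f.dst != plc_ip or f.dport != plc_port or len(f.payload) < min_len:
            continue
        prev = first_seen.get(f.payload)
        if prev is None:
            first_seen[f.payload] = (f.ts, f.src)
        elif prev[1] != f.src:
            hits.append((f.ts, f.src, prev[1], f.payload))
    return hits


# Constructed sample capture: the engineering workstation (.10) authenticates
# to the PLC (.20), later a second host (.99) replays the identical frame.
AUTH_FRAME = b"AUTH-PLACEHOLDER-\x01\x02"      # stands in for the sniffed auth packet
SAMPLE_CAPTURE = [
    Frame(1.0, "192.168.1.10", "192.168.1.20", 102, AUTH_FRAME),
    Frame(1.1, "192.168.1.10", "192.168.1.20", 102, b"READ-BLOCK-01"),
    Frame(5.0, "192.168.1.10", "192.168.1.20", 102, AUTH_FRAME),   # same host, benign re-auth
    Frame(9.0, "192.168.1.99", "192.168.1.20", 102, AUTH_FRAME),   # replay from another host
    Frame(9.1, "192.168.1.99", "192.168.1.20", 102, b"\x00\x01"),  # too short, ignored
]


def report(frames, plc_ip):
    """Human-readable summary of replay hits for the given capture."""
    lines = []
    for ts, src, orig, payload in find_replays(frames, plc_ip):
        lines.append(f"t={ts:.1f}s {src} replayed {len(payload)}-byte frame first sent by {orig}")
    return lines


if __name__ == "__main__":
    for line in report(SAMPLE_CAPTURE, "192.168.1.20"):
        print(line)
```

Run against a real capture you would feed `find_replays` the TCP payloads exported from Wireshark instead of `SAMPLE_CAPTURE`; the matching is deliberately exact-bytes, because the whole point of the vulnerability is that the frame never changes.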
