I am wondering if one can apply Grover algorithm on a key encapsulation mechanism in order to crack the shared key.
No, it doesn't work.
Here's how Grover's algorithm works (simplified): you take a 'fitness' function (that takes a guess at the value you're searching for and evaluates to a '1' if the guess is correct and '0' if it is not - for AES, the fitness function might be 'use the guess as an AES key and encrypt the known plaintext block, and check if the result is the known ciphertext block).
Then, you take this fitness function (and some other Quantum operations) and iterate it a large number of times - if you iterate it the correct number of times, then when you measure the result, it is with high probability a value that the fitness function evaluates to 1.
Now, if we were to consider attacking Frodo, there are two ways to attack it. One could try to recover the shared secret directly from the public key shares; in this case, we have available to the fitness function the public key shares, and our guess to the shared secret. However, we don't have an efficient way to check whether that guess is correct (based on the public key shares), and so we don't know how to build this fitness function (and so Grover's does not appear to apply).
On the other hand, we can try to recover the secret seed that Frodo used to derive the public key [1] (or alternatively, within the Frodo encapsulation process). For Frodo-640 (NIST level 1), this secret seed is 128 bits; since one could define a mapping between this 128 bit value (and public data, that is, the public seed) and the public key, we could use that to generate the fitness function.
On the third hand, we generally do something with the shared key; we may feed that into a KDF (perhaps along with some public data, such as nonces), and then use that result as an AES key. We can build a fitness function based on that, and so Grover's would apply to that system - most likely, this KDF/AES construction would be simpler to implement within a Quantum Computer than the Frodo public key (or encapsulation) process; hence it is likely to be easier to attack the system there (if only by a constant factor).
On the thirdfourth hand, it is reasonreasonable to ask whether Grover's is really a threat against a 128 bit secret - all these fitness function evaluations are done serially, and it would be impractical to evaluate any function $2^{64}$ times in a row. And, while you could try to get around this by running Grover's on a large number of Quantum Computers by dividing up the secret space, we lose part of Grover's advantage if we do that, and so we end up using a lot of Quantum Computers.
[1]: Note that Frodo has two seeds; one public which defines the lattice to be used, and one which is secret, and which is used to generate the sample and error matrices; since the public seed is in the public key, the attacker doesn't need to guess that; all he needs to do is to recover the secret seed.