Hi,
Since your program mandates the Secondary Logon service, can it be utilized by attackers if they know a password? Then they could run a program with admin rights if they know the password to an admin account.
If an isolated process starts a non-isolated process, it's considered a weird behavior and blocked.