So there is a BOOL parameter called bInheritHandles in the CreateProcessA API. The first image shows it Off/0/false, the second image shows it On/1/true. The main point is that when it's Off/0/false, you don't have a clue what program started it; at least I can't find anything from Process Explorer!
Although the images don't show it in the tooltip, when you only have notepad.exe, i.e. no path in the application name or command line, the tooltip will only show CommandLine as "notepad.exe".
InheritedFlag = 0 (Off/false): Notepad appears unconnected to any other app.
InheritedFlag = 1 (On/true): Notepad can be seen connected to C11\Library.exe alongside debugview.exe.
These combinations of lpApplicationName, lpCommandLine and lpCurrentDirectory work (or not):

Work

  lpApplicationName = ''
  lpCommandLine = 'notepad.exe'
  lpCurrentDirectory = ''

  lpApplicationName = ''
  lpCommandLine = 'notepad.exe'
  lpCurrentDirectory = 'c:\windows\system32\'

  lpApplicationName = 'c:\windows\system32\notepad.exe'
  lpCommandLine = ''
  lpCurrentDirectory = ''

  lpApplicationName = ''
  lpCommandLine = 'c:\windows\system32\notepad.exe'
  lpCurrentDirectory = ''

Not Work

  lpApplicationName = 'notepad.exe'
  lpCommandLine = ''
  lpCurrentDirectory = 'c:\windows\system32\'

  lpApplicationName = 'notepad.exe'
  lpCommandLine = ''
  lpCurrentDirectory = ''
There are notes on the MS CreateProcessA web page which explain why for the above.

StartupInfo: minimum info to start a process
  Map
    Module('WinAPI')
      IS_CreateProcess(Long,Long,Long,Long,Bool,ULong,Long,Long,Long,Long),Bool,Raw,Pascal,Name('CreateProcessA')
      IS_GetLastError(),Long,Raw,Pascal,Name('GetLastError')
    End
  End

CREATE_DEFAULT_ERROR_MODE Equate(04000000h)

STARTUPINFOA        Group,Type
cb                    ULong        !DWORD
lpReserved            Long         !LPSTR  (__PTR32 = INT, INT = Long)
lpDesktop             Long         !LPSTR
lpTitle               Long         !LPSTR
dwX                   ULong        !DWORD
dwY                   ULong        !DWORD
dwXSize               ULong        !DWORD
dwYSize               ULong        !DWORD
dwXCountChars         ULong        !DWORD
dwYCountChars         ULong        !DWORD
dwFillAttribute       ULong        !DWORD
dwFlags               ULong        !DWORD
wShowWindow           UShort       !WORD, a 16-bit unsigned integer, 0 to 65535
cbReserved2           UShort       !WORD, a 16-bit unsigned integer, 0 to 65535
lpReserved2           Long         !LPBYTE (__PTR32 = INT, INT = Long)
hStdInput             Long         !HANDLE = PVOID, pointer to any type
hStdOutput            Long         !HANDLE
hStdError             Long         !HANDLE
                    End

PROCESS_INFORMATION Group,Type     !Filled in by CreateProcessA; close both handles when done with them
hProcess              Long         !HANDLE
hThread               Long         !HANDLE
dwProcessId           ULong        !DWORD
dwThreadId            ULong        !DWORD
                    End

Loc:StartupInfo          Group(STARTUPINFOA)
                         End
Loc:ProcessInformation   Group(PROCESS_INFORMATION)
                         End
Loc:Desktop              Cstring(1024)
Loc:CommandLine          Cstring(1024)
Loc:lpApplicationName    Long      !LPCSTR, 0 = NULL
Loc:lpCommandLine        Long      !LPSTR
Loc:lpProcessAttributes  Long      !LPSECURITY_ATTRIBUTES, 0 = NULL
Loc:lpThreadAttributes   Long      !LPSECURITY_ATTRIBUTES, 0 = NULL
Loc:InheritHandles       Long      !BOOL
Loc:CreationFlags        ULong     !DWORD
Loc:lpEnvironment        Long      !LPVOID, 0 = NULL
Loc:lpCurrentDirectory   Long      !LPCSTR, 0 = NULL
Loc:lpStartupInfo        Long      !LPSTARTUPINFOA
Loc:lpProcessInformation Long      !LPPROCESS_INFORMATION
Loc:ReturnValue          Long      !BOOL, non-zero = success

  Code
  Clear(Loc:StartupInfo)                               !Zero Loc:StartupInfo
  Loc:StartupInfo.cb = Size(Loc:StartupInfo)           !Set size of Loc:StartupInfo in cb
  Loc:Desktop = 'default'                              !or Loc:Desktop = 'Winsta0\default'
  Loc:StartupInfo.lpDesktop = Address(Loc:Desktop)
  Loc:CommandLine = 'notepad.exe'                      !Module name only, see the combinations above
  Loc:lpApplicationName = 0
  Loc:lpCommandLine = Address(Loc:CommandLine)
  Loc:lpProcessAttributes = 0
  Loc:lpThreadAttributes = 0
  Loc:InheritHandles = 0                               !bInheritHandles Off/false
  Loc:CreationFlags = CREATE_DEFAULT_ERROR_MODE
  Loc:lpEnvironment = 0
  Loc:lpCurrentDirectory = 0
  Loc:lpStartupInfo = Address(Loc:StartupInfo)
  Loc:lpProcessInformation = Address(Loc:ProcessInformation)
  Loc:ReturnValue = IS_CreateProcess( Loc:lpApplicationName,|
                                      Loc:lpCommandLine,|
                                      Loc:lpProcessAttributes,|
                                      Loc:lpThreadAttributes,|
                                      Loc:InheritHandles,|
                                      Loc:CreationFlags,|
                                      Loc:lpEnvironment,|
                                      Loc:lpCurrentDirectory,|
                                      Loc:lpStartupInfo,|
                                      Loc:lpProcessInformation)
  If Loc:ReturnValue = 0                               !Zero means the call failed
    Message('CreateProcessA failed, GetLastError = ' & IS_GetLastError())
  End
Anyway, that should get most Clarioneers going with this API, because the code examples listed in the results by a couple of the most popular search engines take you to websites like overing flowing stack, exchanging experts and various blogs, and their code examples don't work, just like the MS code example does not work out of the box because of flag settings.
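As an added illustration, not code from the original post nor from Clarion or Microsoft: a small C model of the module-lookup rules Microsoft documents for CreateProcessA, run against a constructed stand-in for the filesystem that contains only c:\windows\system32\notepad.exe. The caller's current directory (c:\users\dev\) and the abridged search list are assumptions, and empty strings stand in for the 0/NULL pointers the Clarion code passes. It reproduces the Work / Not Work table above and shows why lpCurrentDirectory never helps find the module: a partial lpApplicationName is completed from the caller's own current directory with no search path, while lpCurrentDirectory only becomes the child's working directory.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the filesystem: the only executable that "exists". */
static const char *const EXISTING_FILES[] = {
    "c:\\windows\\system32\\notepad.exe",
    NULL
};

/* Assumed current directory of the *calling* process.  A partial
   lpApplicationName is completed against this, never against lpCurrentDirectory. */
#define CALLER_CWD "c:\\users\\dev\\"

/* Abridged (assumed) search order used only when lpApplicationName is NULL.
   The real list also has the caller's own directory, the Windows directory and PATH. */
static const char *const SEARCH_DIRS[] = { CALLER_CWD, "c:\\windows\\system32\\", NULL };

/* Case-insensitive path comparison, as Windows paths are case-insensitive. */
static bool path_eq(const char *a, const char *b)
{
    for (; *a && *b; a++, b++)
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b)) return false;
    return *a == *b;
}

static bool file_exists(const char *path)
{
    for (size_t i = 0; EXISTING_FILES[i]; i++)
        if (path_eq(path, EXISTING_FILES[i])) return true;
    return false;
}

static bool is_absolute(const char *p) { return strlen(p) >= 3 && p[1] == ':' && p[2] == '\\'; }

static bool has_extension(const char *p)
{
    const char *slash = strrchr(p, '\\');
    return strchr(slash ? slash + 1 : p, '.') != NULL;
}

/* Models the documented resolution rules.  "" is treated as NULL because the
   Clarion code passes 0 for unused pointer arguments.  Returns the path that
   would be executed, or NULL where CreateProcessA would fail. */
const char *resolve_module(const char *lpApplicationName,
                           const char *lpCommandLine,
                           const char *lpCurrentDirectory)
{
    static char resolved[512];
    (void)lpCurrentDirectory;   /* child's cwd only; never consulted to locate the module */

    if (lpApplicationName && *lpApplicationName) {
        /* Rule: the name must carry its extension and a partial name is completed
           from the caller's current directory; the search path is NOT used. */
        if (!has_extension(lpApplicationName)) return NULL;
        if (is_absolute(lpApplicationName))
            snprintf(resolved, sizeof resolved, "%s", lpApplicationName);
        else
            snprintf(resolved, sizeof resolved, "%s%s", CALLER_CWD, lpApplicationName);
        return file_exists(resolved) ? resolved : NULL;
    }

    if (!lpCommandLine || !*lpCommandLine) return NULL;

    /* Rule: the first token of lpCommandLine names the module (a quoted token may
       contain spaces) and ".exe" is appended when no extension is given. */
    char token[128];
    size_t n;
    if (*lpCommandLine == '"') {
        const char *close = strchr(lpCommandLine + 1, '"');
        n = close ? (size_t)(close - (lpCommandLine + 1)) : strlen(lpCommandLine + 1);
        if (n >= sizeof token - 4) return NULL;
        memcpy(token, lpCommandLine + 1, n);
    } else {
        n = strcspn(lpCommandLine, " \t");
        if (n >= sizeof token - 4) return NULL;
        memcpy(token, lpCommandLine, n);
    }
    token[n] = '\0';
    if (!has_extension(token)) strcat(token, ".exe");

    if (is_absolute(token)) {
        snprintf(resolved, sizeof resolved, "%s", token);
        return file_exists(resolved) ? resolved : NULL;
    }
    for (size_t i = 0; SEARCH_DIRS[i]; i++) {
        snprintf(resolved, sizeof resolved, "%s%s", SEARCH_DIRS[i], token);
        if (file_exists(resolved)) return resolved;
    }
    return NULL;
}

/* Convenience wrapper mirroring the post's Work / Not Work table. */
bool would_launch(const char *app, const char *cmd, const char *cwd)
{
    return resolve_module(app, cmd, cwd) != NULL;
}

int main(void)
{
    const char *cases[][3] = {
        { "", "notepad.exe", "" },
        { "", "notepad.exe", "c:\\windows\\system32\\" },
        { "c:\\windows\\system32\\notepad.exe", "", "" },
        { "", "c:\\windows\\system32\\notepad.exe", "" },
        { "notepad.exe", "", "c:\\windows\\system32\\" },
        { "notepad.exe", "", "" },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        const char *r = resolve_module(cases[i][0], cases[i][1], cases[i][2]);
        printf("app='%s' cmd='%s' cwd='%s' -> %s\n",
               cases[i][0], cases[i][1], cases[i][2], r ? r : "Not Work");
    }
    return 0;
}
```

The two "Not Work" rows fail for the same reason: 'notepad.exe' in lpApplicationName is looked up relative to the caller's current directory only, so pointing lpCurrentDirectory at System32 changes nothing.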