Change Auditor is fairly specific in terms of its modules and what can be audited. The application do not currently have the ability to catch any audit Event that relates to a process creation (like Event ID 4688), so this is not something that will not be captured. Change Auditor is a modular application that will catch events based on the license type that was purchased (AD, Exchange, O365, File System, etc.).
In addition, since the Event ID 4688 only occurs due to local actions, an agent would have to be on each machine to be monitored. The workstation agents are very specific in what they collect.