Although an account locked out event exists in the "Windows Security" log and, when event logging is enabled, in the "ITAD" log, running a query on the ChangeAuditor database does not return a valid corresponding event.
Consider the following situation...
A user types their password wrong multiple times, enough to be locked out.
A Lockout event is generated via Change Auditor.
After a set amount of time, the user's account is automatically unlocked by Active Directory.
The user continues to type the wrong password and locks themselves out again.
No Lockout event is generated via Change Auditor, yet the Windows Security log and event logging (ITAD) both record an account locked out event.
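One way to confirm the gap described above is to reconcile lockouts exported from the Windows Security log against lockout events exported from a Change Auditor search. The following is an added example, not code from the original page or from the vendor; the record layout (user, ISO timestamp), the sample data and the 60-second matching tolerance are all assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample data (not from the page). SECURITY_LOG stands for
# lockouts exported from the Windows Security log (event ID 4740, "A user
# account was locked out"); CHANGE_AUDITOR stands for lockout events
# exported from a Change Auditor search. Both layouts are assumed.
SECURITY_LOG = [
    ("jdoe", "2024-03-04T09:00:12"),    # first lockout
    ("jdoe", "2024-03-04T09:41:37"),    # second lockout, after auto-unlock
    ("asmith", "2024-03-04T10:15:03"),
]
CHANGE_AUDITOR = [
    ("JDOE", "2024-03-04T09:00:14"),
    ("asmith", "2024-03-04T10:15:04"),
]


def parse(records):
    """Normalise account names and convert ISO timestamps to datetime."""
    return [(user.lower(), datetime.fromisoformat(ts)) for user, ts in records]


def missing_lockouts(security_log, change_auditor,
                     tolerance=timedelta(seconds=60)):
    """Return Security-log lockouts with no Change Auditor event for the
    same user within `tolerance`. Each Change Auditor event can account
    for at most one lockout, so a repeat lockout is not hidden by the
    event recorded for the first one."""
    unmatched = parse(change_auditor)
    missing = []
    for user, when in sorted(parse(security_log), key=lambda r: r[1]):
        candidates = [e for e in unmatched
                      if e[0] == user and abs(e[1] - when) <= tolerance]
        if candidates:
            # Consume the closest event so it cannot match a later lockout.
            unmatched.remove(min(candidates, key=lambda e: abs(e[1] - when)))
        else:
            missing.append((user, when))
    return missing


if __name__ == "__main__":
    for user, when in missing_lockouts(SECURITY_LOG, CHANGE_AUDITOR):
        print(f"{when.isoformat()} {user}: in Security log, not in Change Auditor")
```

With the constructed data, only the second jdoe lockout is reported, which matches the situation above.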