For awareness, experts recommend creating EDR or SIEM alerts for these executables launching on end-user computers.
Without context, it can be difficult to determine if a particular execution is malicious. In some cases it may be obvious, but for others, monitoring and establishing baseline behavior can mean the difference between a successful defense and a system compromise.
- LOLBAS [https://lolbas-project.github.io]