O artigo link do Microsoft TechNet fornece uma resposta perfeita para isso ; e tem a ver com o fato de que até mesmo as contas de "Administrador local" ainda são executadas com tokens de "usuário padrão" para a atividade normal do dia a dia.
What does "running with a full administrator token" or "running with an elevated token" mean in User Account Control?
Applies To: Windows Server 2008 R2
Applications normally run with the level of access granted in a standard user access token, even if the applications are started by a user that is a member of the local Administrators group. "Running with a full administrator access token," sometimes referred to as "running with an elevated access token," means that an application is allowed to use the user's full administrator access token, which includes the administrator security identifiers (SIDs).
Note The user must be logged on as a local administrator or be able to provide credentials for a member of the local Administrators group.
Nota: Embora o artigo se aplique ao Server 2008 R2, o mesmo se aplica a todas as versões modernas de cliente e servidor do Windows.