Provide a version of cmtrace that is compatible with AppLocker / Device Guard
At the moment when cmtrace is opened, it extracts the appropriate architecture version to AppData\Local\Temp<temporary file name>.tmp and executes it. Customers often put cmtrace in the system32 directory of computers to aid with troubleshooting.
With recent randsomware attacks, companies are starting to look at blocking programs from executing from AppData with AppLocker and Device Guard.
A workaround so far has been to copy the tmp file and rename it to cmtrace.exe and placing it in approved directory for executing applications, but this sort of extra effort could easily be solved by providing an update to the tool that simply includes the x86 and x64 versions of the application natively.
In 1806, cmtrace is now included with the client in C:\windows\ccm\cmtrace.exe.
This version is architecture-specific and does not use the launcher.
Rick Becerra commented
I like the fact that cmtrace.exe is now part of the client install. I DON'T like that it's not located in the search path.
Same problem if you use Software Restriction Policy :(