Why is the WLM not showing a request for 2FA when elevating permissions for a logged in user?

SurePassID Windows Logon Manager (WLM) doesn't get presented when elevating account when Enforcement is enabled.

Setting the Only Secure Windows Login option to 0 from 1 allows our SurePassID WLM to be used for authentication with MFA for things like elevating permissions.

With the option set to 1 (on) our WLM is presented only during the Windows Logon process which is a different process from the elevation prompt.