I think many consider it bad practice to use alternate credentials with admin privileges during logon.
I have never done this, but I think you can use
- KiXCrypt
- Kix2Exe
- AdminScriptEditor
- ...
You would pack the script together with the kix32.exe or wkix32.exe in an executable. The exe will unpack the script to a temp folder and launch it with the alternate credentials you provided.
But at that very moment, your users would be able to catch that script and get your admin credentials.