I have another suggestion:
Detect the partially hidden processes, that is: when they appear in the CIS list but not in the Windows’ task manager list.
And popup an alert.
Yesterday I had the problem: a file named Steam.exe (a trojan version) did an internet connection to a weird server (not from the Steam company), and then appeared in the firewall process list; but it was not in the task manager.
I was surprised that CIS has no method to detect the difference and alert us.
P.S. For non-programmers: it is very easy to obtain the very same list of processes than the task manager by programming, so I see no technical problem here.