Create a break point that hits when CreateProcess was called
Enter a Function Breakpoint
Enter {,,kernel32.dll}CreateProcessW in the textbox labelled as ‘Function Name’.
Showing call stack
First, the break point might not hit in the main thread, in that case choose the main thread or other thread that you expect to call CreateProcess. For example, ShExecuteEx does not call CreateProcess in the thread that calls ShExecuteEx.
Load symbols if call stack is not shown
