Take my scenario:
You're browsing a website, Adobe Reader has yet another bug in it, an advert on the site injects code into that process and starts executing as the current user. It then launched calculator escalates Adobe Reader and roots the entire system.
What would happen with UAC on full? While Adobe Reader could cause issues and attempt to inject its self into processes IN CASE they get escalated later, a more realistic scenario is that it would be greatly limited within its scope to cause damage. Simply
because luck is required (the user escalates something) and it is a lot harder to write.
You're making this harder than it needs to be. It's easier to just say... Mom downloads SuperCalculator.exe onto her desktop. She executes this program. While the calculator UI appears, it silently injects itself into Explorer, gains elevated abilities,
and sets up all sorts of nastyness.