Now you don't have to download the source zip or have Visual Studio to see how simple it all is.
How does this code get on the target client? Is that a fair question?
1.) If there is a already a vulnerable trusted app installed on the user's system and executing when somehow you exploit it in proc via, say, some memory attack, e.g., buffer overrun, which then executes this code in context.
2.) If the user chooses to run an unsigned exe containing this code from an untrusted source, say, from your website.