Using Group Policy Editor (gpedit.msc) or Local Security Policy (secpol.msc) Security Settings -> Audit Policy -> Audit Process Tracking or Advanced Audit Policy Configuration -> System Audit Policy -> Detailed Tracking -> Disabled.
Even issuing
auditpol /clear
auditpol /get /category:*
shows Process creation: no auditing
Still have those event id 4688 in Security Log.
Windows 10