One Day Sec

Why do MSI files generated by Metasploit fail to exploit AlwaysInstallElevated, and how can this be fixed?

Metasploit-generated MSI files (e.g., `msfvenom -p windows/exec CMD=calc.exe -f msi`) do not request elevated privileges during installation, so they run at the current user's Medium integrity level instead of as SYSTEM. The solution is to use a tool like **MSI Wrapper** that explicitly sets the installation to require elevated privileges. For example, by configuring MSI Wrapper to run the payload with "elevated privileges" and selecting a Per User or Per Machine context, the resulting MSI file will execute with SYSTEM rights, as demonstrated in the article "Test Analysis of Privilege Escalation Using AlwaysInstallElevated".