This is a 64 bit VBA implementation of Christophe Tafani-Dereeper's original VBA code described in his blog @ https://blog.christophetd.fr/building-an-office-macro-to-spoof-process-parent-and-command-line/
I was on a red team engagement and found out the client uses 64-bit version of Office 2016. Had to quickly modify Christophe's code @ https://raw.githubusercontent.com/christophetd/spoofing-office-macro/master/macro.vba
As described in his blog it spoofs the parent PID (e.g., explorer.exe) and also spoofs the arguements to bypass AVs and certain EDRs.