Description
opened on Jan 9, 2023
Auditbeat running on a Windows machine shows the following warnings in logs from time to time:
{"level":"warn","timestamp":"2020-09-17T05:49:57.899Z","logger":"process","caller":"process/process.go:249","message":"failed to hash executable Registry for PID 104: failed to stat file Registry: CreateFile Registry: The system cannot find the file specified."}
PID 104 is the "Registry" process of Windows.
This is a special system process that's present in newer Windows versions. Since it's part of the kernel, there is no normal binary on disk like you get with regular userspace processes.
From further investigation by @andrewkroh:
It should be totally safe to ignore the warning. If we were going to try to ignore this pseudo process within Auditbeat we'd want to find a reliable way to identify it (so as not to falsely ignore something that might be trying to masquerade as Registry).
There are a few options here, like adding these messages to debug logs or removing them entirely, etc.
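One way to sketch the identification check discussed above, as an added example that is not Auditbeat's code and not from the issue author. The `Proc` struct, both function names and the sample records are hypothetical, and the heuristic assumes the pseudo process reports the bare image name `Registry` and has the System process (PID 4) as its parent.

```go
package main

import "fmt"

// Proc holds only the fields the check needs (hypothetical type, not Auditbeat's).
type Proc struct {
	PID, PPID int
	Name      string
	Exe       string // image path as reported by the OS
}

// Assumption: the Windows "System" process is PID 4 and parents Registry.
const systemPID = 4

// isRegistryPseudoProcess reports whether p looks like the kernel-backed
// Registry process rather than a userspace binary that borrows its name.
// All three conditions must hold; matching on the name alone is not enough.
func isRegistryPseudoProcess(p Proc) bool {
	if p.Name != "Registry" || p.PPID != systemPID {
		return false
	}
	// No on-disk image: the path is empty or just the bare process name.
	return p.Exe == "" || p.Exe == "Registry"
}

// hashFailureLevel picks the log level for a failed executable hash:
// the known pseudo process is demoted, everything else stays a warning.
func hashFailureLevel(p Proc) string {
	if isRegistryPseudoProcess(p) {
		return "debug"
	}
	return "warn"
}

func main() {
	// Constructed sample records, not captured from a real host.
	samples := []Proc{
		{PID: 104, PPID: 4, Name: "Registry", Exe: "Registry"},
		{PID: 5120, PPID: 3300, Name: "Registry", Exe: `C:\Temp\Registry`},
		{PID: 6200, PPID: 3300, Name: "Registry", Exe: "Registry"},
		{PID: 812, PPID: 700, Name: "svchost.exe", Exe: `C:\Windows\System32\svchost.exe`},
	}
	for _, p := range samples {
		fmt.Printf("pid=%d name=%s level=%s\n", p.PID, p.Name, hashFailureLevel(p))
	}
}
```

A process that matches on name but fails the parent or path condition keeps its warning, so a failed hash on a look-alike still surfaces in the logs.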