If I'm right in thinking as I just did this on C++ and their not to far dissimilar, then to do a secure execution of the shell command would be similar to
char appName[] = "xcopy.exe";
char args[] = "xcopy.exe source destination";
CreateProcess(appName , args, 0, 0, FALSE,0 ,0 ,0 , &si, &pi);]...