I looked at the EasyHook and their tutorial samples and even implemented LocalHook with my own API from advapi32.dll, the LocalHook worked when I was making calls from the same app where my hooking code was running, but no interception occurred when I was calling the hooked API from another external process. I guess I was wrong about my assumption about interception from external process.
So now I am looking at the RemoteHook and my impression is that you need to specifically build your injection DLL and inject it into a known process/executable - this, however, is not my goal/scenario. The goal was to intercept a call to API that lives in advapi32.dll regardless of the process that makes the call - that is, from any (unknown) process. This is something, I believe, is called GlobalHook. So, is it possible to write GlobalHook in a way that from my GUI app will intercept a call of any process to specific API in specific Win32 DLL, or .NET DLL such as system.security.cryptography.algorithms.dll (and how do I know in general, what Win32 APIs are being used by this DLL (if at all)? Or should I switch to MS Detour library for Global hook implementation? Is Global Hook implemented with SetWindowsHookEx triggers anti-virus programs?