This is question more about windows internals that driver development itself.
From what I learnt myself it looks like that(more or less):
1. Process calls CoCreateInstance to create WMI instance
2. Process loads fastprox.dll
3. svchost.exe looks for providers and loads them into newly created WMIPrvSE.exe process (like cimwin32.dll)
4. I execute some WMI query
5. fastprox.dll uses ALPC to query WMIPrvSE.exe it gets response from cimwin32.dll and passes it back to process that queried WMI
Is that more or less correct? Could someone give me more in-deep overview of what happens under the hood?