How to do IPC with UAC elevation safely?

Tags: windows


I don't believe there is a security issue here (with certain caveats as noted below). If the user can't elevate, this solution won't work anyway; if the user can elevate, and is malicious, the machine is already compromised. For example, if a malicious user wants to make changes in HKLM, why use myapp.exe when regedit is available?

However, I'm confused by your mention of a server database; how does this fit in with the requirement for elevation? Generally speaking elevation is not required for accessing remote resources. (If either myapp.exe or HKLM contains a password to the server database, it shouldn't.)

As for the choice of IPC: I'm not an expert in UAC programming, but searching MSDN I've noticed that elevated COM objects are mentioned several times, e.g.:

http://msdn.microsoft.com/en-us/magazine/cc163486.aspx

See also the PowerPoint slides at the fifth link in this article:

http://msdn.microsoft.com/en-us/library/bb756996.aspx

However, if you're not happy with COM (join the club!) then using a named pipe as you suggest should be just as effective. You do, however, need to take the usual precautions necessary for named pipes - make sure that you create the server end of the named pipe before launching the elevated process, that you check whether the pipe already existed, and that you create it with an appropriate ACL.
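The three named-pipe precautions from the answer above, as an added C# example that is not part of the original answer. The pipe name `MyAppElevationPipe` and the `--elevated` helper argument are assumptions; the elevated helper is expected to open `NamedPipeClientStream(".", PipeName)` and answer one line.

```csharp
// Added example, not from the original answer. Names below are assumptions.
using System;
using System.Diagnostics;
using System.IO;
using System.IO.Pipes;
using System.Security.AccessControl;
using System.Security.Principal;

static class ElevatedPipeLauncher
{
    const string PipeName = "MyAppElevationPipe"; // assumed pipe name

    // Returns the server end, or null if a pipe with this name already existed.
    static NamedPipeServerStream CreateServerEnd()
    {
        // ACL: only the current user may open the pipe. The elevated helper runs
        // as the same account, so it still connects; no entry for Everyone.
        var acl = new PipeSecurity();
        acl.AddAccessRule(new PipeAccessRule(WindowsIdentity.GetCurrent().User,
            PipeAccessRights.ReadWrite, AccessControlType.Allow));
        try
        {
            // maxNumberOfServerInstances = 1 makes the runtime pass
            // FILE_FLAG_FIRST_PIPE_INSTANCE to CreateNamedPipe, so if the name is
            // already taken the call fails instead of joining someone else's pipe.
            return new NamedPipeServerStream(PipeName, PipeDirection.InOut, 1,
                PipeTransmissionMode.Message, PipeOptions.None, 4096, 4096, acl);
        }
        catch (IOException) { return null; }
        catch (UnauthorizedAccessException) { return null; }
    }

    static void Main()
    {
        // 1. Create the server end before the elevated process is launched.
        NamedPipeServerStream server = CreateServerEnd();
        if (server == null) { Console.Error.WriteLine("Pipe already exists."); return; }
        using (server)
        {
            // 2. Launch the helper with the "runas" verb (this triggers the UAC prompt).
            var psi = new ProcessStartInfo(Process.GetCurrentProcess().MainModule.FileName,
                "--elevated") { UseShellExecute = true, Verb = "runas" };
            Process helper = Process.Start(psi);
            // 3. Only a same-user client can pass the ACL and reach this point.
            server.WaitForConnection();
            var writer = new StreamWriter(server) { AutoFlush = true };
            writer.WriteLine("SET HKLM\\Software\\MyApp\\Setting=1"); // constructed request
            Console.WriteLine("helper replied: " + new StreamReader(server).ReadLine());
            helper.WaitForExit();
        }
    }
}
```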