Could CMEW make an API call to the Cyberark vault instead of just using the normal ID and password to access the MDB database?  The ID and password would then be supplied by the vault system to log on to the DB server. 

No CMEW (Compliance Management Engineer Workbench) does not natively support making direct API calls to a CyberArk vault for database credentials. 

Customer can write their own program to call that product's API, then write those credentials into CMEW's configuration file. After which Tomcat restart would be required, which can also be done programmatically.