Any executable is vulnerable to DLL hijacking, they're just looking for easier targets that load known DLLs (with known function signatures) from their own folders (NOT system folders).

I'm assuming the goal is to minimise detection by what they call PSPs (av / security products)

This is not a flaw within notepad++

Arguably loading DLLs from non-system folders is bad design in this day and age.

No, it's not, not even 'arguably'.