It's been a few years, but I'd like to know if you managed to resolve your issues and how. My professor proposed a thesis to me on system administration using osquery, and I was trying to use the process_file_events table, but it returns nothing.
I start osqueryi using sudo with the following flags:
osqueryi \
--verbose \
--disable_audit=false \
--audit_allow_config=true \
--audit_persist=true \
--audit_allow_process_events=true \
--disable_events=false \
--audit_allow_fim_events=true \
--enable_file_events=true
As it happened to you, the file_events table works fine, and likewise the process_events table, but not process_file_events.
The messages show no warnings or errors, and they actually say that process_file_events and the audit rules are installed correctly:
I0816 12:27:30.478456 9500 eventfactory.cpp:390] Starting event publisher run loop: inotify
I0816 12:27:30.478528 9498 eventfactory.cpp:390] Starting event publisher run loop: auditeventpublisher
I0816 12:27:30.478590 9495 auditdnetlink.cpp:372] Attempting to configure the audit service
I0816 12:27:30.478618 9495 auditdnetlink.cpp:400] Enabling audit rules for the process_events (execve, execveat) table
I0816 12:27:30.478623 9495 auditdnetlink.cpp:427] Enabling audit rules for the process_file_events table
Am I doing something wrong? How did you handle your issues? I read there were bugs with this table, do you think they're still in existence?
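As an added example (not part of the post above, and not osquery's own code), here is a small Python diagnostic for exactly the situation described: it parses osqueryi's glog-style `--verbose` output, confirms that the expected startup milestones (inotify publisher, audit publisher, process_events rules, process_file_events rules) were logged, lists any W/E/F lines, and checks that the flag set contains the audit/FIM flags the post lists. The sample log is constructed from the lines quoted in the post; the milestone strings and flag names are taken from the post, and the helper names are the example's own.

```python
"""Diagnostic helper for an osqueryi --verbose startup log (added example)."""
import re

# Constructed sample: the exact log lines quoted in the post above.
SAMPLE_LOG = """\
I0816 12:27:30.478456 9500 eventfactory.cpp:390] Starting event publisher run loop: inotify
I0816 12:27:30.478528 9498 eventfactory.cpp:390] Starting event publisher run loop: auditeventpublisher
I0816 12:27:30.478590 9495 auditdnetlink.cpp:372] Attempting to configure the audit service
I0816 12:27:30.478618 9495 auditdnetlink.cpp:400] Enabling audit rules for the process_events (execve, execveat) table
I0816 12:27:30.478623 9495 auditdnetlink.cpp:427] Enabling audit rules for the process_file_events table
"""

# The flags the post starts osqueryi with (hypothetical list form of that command line).
SAMPLE_FLAGS = [
    "--verbose",
    "--disable_audit=false",
    "--audit_allow_config=true",
    "--audit_persist=true",
    "--audit_allow_process_events=true",
    "--disable_events=false",
    "--audit_allow_fim_events=true",
    "--enable_file_events=true",
]

# Startup milestones the post expects; the substrings are taken from its log lines.
MILESTONES = {
    "inotify_publisher": "Starting event publisher run loop: inotify",
    "audit_publisher": "Starting event publisher run loop: auditeventpublisher",
    "process_events_rules": "Enabling audit rules for the process_events",
    "process_file_events_rules": "Enabling audit rules for the process_file_events table",
}

# Flags from the post that must be present (with these values) for the audit FIM path.
REQUIRED_FLAGS = {
    "disable_audit": "false",
    "disable_events": "false",
    "audit_allow_fim_events": "true",
}

# glog line: <severity><MMDD> <HH:MM:SS.micros> <thread id> <file:line>] <message>
GLOG_LINE = re.compile(
    r"^(?P<sev>[IWEF])(?P<date>\d{4}) (?P<time>[\d:.]+)\s+(?P<tid>\d+) "
    r"(?P<src>[\w.]+:\d+)\] (?P<msg>.*)$"
)


def parse_glog(text):
    """Return a list of (severity, message) tuples; non-glog lines are skipped."""
    parsed = []
    for line in text.splitlines():
        m = GLOG_LINE.match(line)
        if m:
            parsed.append((m.group("sev"), m.group("msg")))
    return parsed


def check_milestones(text):
    """Map each expected milestone to True/False depending on whether it was logged."""
    msgs = [msg for _, msg in parse_glog(text)]
    return {name: any(needle in msg for msg in msgs) for name, needle in MILESTONES.items()}


def warnings_and_errors(text):
    """Return messages logged at warning, error or fatal severity."""
    return [msg for sev, msg in parse_glog(text) if sev in "WEF"]


def missing_required_flags(flags):
    """Return the REQUIRED_FLAGS entries that are absent or set to another value."""
    given = {}
    for flag in flags:
        name, _, value = flag.lstrip("-").partition("=")
        given[name] = value
    return sorted(k for k, v in REQUIRED_FLAGS.items() if given.get(k) != v)


if __name__ == "__main__":
    # Prints one line per milestone, the flag check, and any W/E/F messages.
    for name, seen in check_milestones(SAMPLE_LOG).items():
        print(f"{name:28s} {'ok' if seen else 'MISSING'}")
    print("missing flags:", missing_required_flags(SAMPLE_FLAGS) or "none")
    print("warnings/errors:", warnings_and_errors(SAMPLE_LOG) or "none")
```

When every milestone is present, no W/E/F lines appear and no required flag is missing (as in the post's own log), the startup path the log covers is not where the problem lies, so the next place to look is whether audit records for file syscalls actually reach osquery at runtime rather than whether the rules were requested at startup.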