The former VBScript, JavaScript methods that enabled one to start client side applications are banned for security reasons.
Custom protocol handler can be one approach as Bernhard Hiller suggested. Still it can be a security leak, since it is global and can not be restricted to a single web application.
You can use Silverlight (
http://msdn.microsoft.com/en-us/library/gg192793(v=vs.95).aspx[
^]) and probably Java FX and Flex also to create "applets", with full trust, and capable of starting local application.
But all approaches need client action, probably an installation with elevated rights.