IISNode turning off custom errors with httpErrors=“Passthrough” not working

I'm using a middleware module to validate JWT tokens. When I try to set the status code to 401 or 403 I either get the built-in IIS error HTML or if I set httpErrors to "Passthrough". I'm assuming I'll have the same problem if I use a 404 or 500. I had a similar problem when I tried setting the status code and returning JSON when working with a different API in ASP.NET MVC. I used this article to help me get it right: https://weblog.west-wind.com/posts/2017/jun/01/bypassing-iis-error-messages-in-aspnet. The thing is I have no problems when running the same code from my local machine running IIS. It's something to do with the way the server or IIS is configured where I'm deploying to. Is there something else I need to do in IIS to get this to work? Does it matter that I'm running it as an Application/Virtual Directory within IIS?

Here's the JS code:

const aad = require('azure-ad-jwt');

module.exports = (req, res, next) => {
    console.log('authorizing');
    if(!req.headers.authorization){
        res.status(403).json({
            message: "Auth failed"
        });
        return;
    }

    const jwtToken = req.headers.authorization.replace('Bearer ', '');

    aad.verify(jwtToken, null, function (err, result) {
        if (result) {
            const scopes = result.scp.split(',');
            if (!scopes.includes("Prep.API")) {
                res.status(401).json({
                    message: "Auth failed"
                });
            } else {
                next();
            }
        } else {
            res.status(401).json({
                message: "Auth failed"
            });
        }
    });
};

When I have the web.config like this:

<configuration>
    <appSettings>
        <add key="virtualDirPath" value="/myapp" />
    </appSettings>
    <system.web>
        <customErrors mode="Off" />
    </system.web>
    <system.webServer>
        <!--<httpErrors existingResponse="Passthrough" />-->
        <iisnode
                    watchedFiles="web.config;*.js;api///*.js" />
        <handlers>
            <add name="iisnode" path="server.js" verb="*" modules="iisnode" />
        </handlers>
        <rewrite>
            <rules>
                <rule name="api">
                    <match url="/*" />
                    <action type="Rewrite" url="server.js" />
                </rule>
            </rules>
        </rewrite>
        <security>
            <requestFiltering>
                <hiddenSegments>
                    <add segment="node_modules" />
                </hiddenSegments>
            </requestFiltering>
        </security>
    </system.webServer>
</configuration>

The response is:

When I uncomment the httpErrors line the web.config like this:

<configuration>
    <appSettings>
        <add key="virtualDirPath" value="/myapp" />
    </appSettings>
    <system.web>
        <customErrors mode="Off" />
    </system.web>
    <system.webServer>
        <httpErrors existingResponse="Passthrough" />
        <iisnode
                    watchedFiles="web.config;*.js;api///*.js" />
        <handlers>
            <add name="iisnode" path="server.js" verb="*" modules="iisnode" />
        </handlers>
        <rewrite>
            <rules>
                <rule name="api">
                    <match url="/*" />
                    <action type="Rewrite" url="server.js" />
                </rule>
            </rules>
        </rewrite>
        <security>
            <requestFiltering>
                <hiddenSegments>
                    <add segment="node_modules" />
                </hiddenSegments>
            </requestFiltering>
        </security>
    </system.webServer>
</configuration>

the response is:

So what am I doing wrong or what else can I do to so that I get the correct status code along with the JSON response? If nothing else how can I get IIS to report the error so I can see an exception or something in the Event Viewer?