From what I’ve read about the subject over at XDA, if your rooted and just using an app that will allow tethering, the carrier can tell. If your running a custom ROM, that’s somehow preventing them from knowing.
Don’t ask me how that is since it’s way beyond my knowledge of it. So far, it appears they are correct.
A custom ROM cannot bypass DPI. DPI analyzes everything you do over the Internet, and all it takes is to catch you doing one thing that cannot be done on an Android phone, run one piece of software that doesn't exist for Android and uses the network. DPI can run every byte of your traffic through a bank of signatures, and if bit of traffic matches up to a known non-Android signature, such as the IE9 user agent string I showed, you get flagged for possible action.
On a wider level, network devices can track general traffic patterns, and flag any that look more PC-like than phone-like. This same exact technology is used in intrusion-detection devices on networks (see if you're being probed or hacked), but it just gets repurposed.
There are ways you can hide some indications. The TTL (time to live) for data packets can be different between a phone and its tethered computer, and thus detectable. But a custom ROM can change the TTL back, masking the tethering. This might be what they're talking about with a tethering app. Still doesn't get you past DPI though.