That's the ERC20 standard. If in multiple places tokens are generated (for example let's say there is a function farm() for users and one mint() for admins), _mint() is being used to prevent any possibilities for vulnerabilities. Same for transfers (they now use _transfer() in both transfer() and transferFrom())