The signing process is often a separate step.
The rationale is that if one assumes that a build agent can execute any arbitrary code downloaded from the internet (as part of running tests or installing packages), then it would be safe to assume that such arbitrary code can access anything the build agent can access, including the private keys of code signing certificates. If an attacker is able to obtain those keys, they are able to compromise and re-sign the binaries, and no one will know they were not produced through an authorized system.
So to counter this, binaries are transferred to a separate “clean” machine that doesn’t execute any code and for which the OS is hardened to some extent, in order to sign the binaries there. The signed binaries are then packaged and made available for download (or deployment).
Cargo could call signtool if and when it runs on Windows, codesign on macOS, OpenPGP for Linux and simplify the process, but these commands are very different, and have their own requirements. I’m not sure if Cargo will just get in the way trying to make this easy.
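The three-stage flow described above (untrusted build agent produces artifacts, a clean machine that holds the only copy of the key signs them, consumers verify), as an added example that is not part of the original post and not Cargo's or any project's code. It uses Go's standard-library Ed25519 as a stand-in for signtool/codesign/gpg so it runs offline; the artifact names, their contents and the manifest format (SHA-256 digest, two spaces, file name per line) are constructed for the illustration. The point it shows is that an attacker who can run code on the build agent can swap an artifact, but without the key that only exists on the signing machine they cannot produce a signature that verifies.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"sort"
	"strings"
)

// Artifact is one build output as it leaves the (untrusted) build agent.
type Artifact struct {
	Name string
	Data []byte
}

// BuildManifest runs on the build agent, which holds no signing key. It emits
// one "<sha256 hex>  <name>" line per artifact, sorted by name so the output
// is deterministic. (Manifest format is an assumption for this example.)
func BuildManifest(arts []Artifact) []byte {
	sorted := append([]Artifact(nil), arts...)
	sort.Slice(sorted, func(i, j int) bool { return sorted[i].Name < sorted[j].Name })
	var b strings.Builder
	for _, a := range sorted {
		sum := sha256.Sum256(a.Data)
		fmt.Fprintf(&b, "%s  %s\n", hex.EncodeToString(sum[:]), a.Name)
	}
	return []byte(b.String())
}

// SignManifest runs on the clean signing machine. It only hashes and signs
// bytes handed to it; it never executes anything from the build.
// Returns a detached signature over the manifest.
func SignManifest(priv ed25519.PrivateKey, manifest []byte) []byte {
	return ed25519.Sign(priv, manifest)
}

// VerifyRelease is the consumer/deployment side: check the detached signature
// over the manifest first, then check every artifact against the manifest and
// reject extra or missing files.
func VerifyRelease(pub ed25519.PublicKey, manifest, sig []byte, arts []Artifact) error {
	if !ed25519.Verify(pub, manifest, sig) {
		return errors.New("manifest signature invalid")
	}
	want := map[string]string{}
	for _, line := range strings.Split(string(manifest), "\n") {
		if line == "" {
			continue
		}
		fields := strings.Fields(line)
		if len(fields) != 2 {
			return fmt.Errorf("malformed manifest line %q", line)
		}
		want[fields[1]] = fields[0]
	}
	for _, a := range arts {
		sum := sha256.Sum256(a.Data)
		if got := hex.EncodeToString(sum[:]); want[a.Name] != got {
			return fmt.Errorf("artifact %s: digest mismatch or not in manifest", a.Name)
		}
		delete(want, a.Name)
	}
	if len(want) != 0 {
		return errors.New("manifest lists artifacts that are missing")
	}
	return nil
}

// Demo walks the three stages with constructed artifacts and returns the
// verification result for the genuine release and for a tampered one.
func Demo() (genuine error, tampered error) {
	// Stage 1, build agent: produce artifacts and the manifest (no key here).
	arts := []Artifact{
		{Name: "tool-x86_64-unknown-linux-gnu.tar.gz", Data: []byte("constructed tarball bytes")},
		{Name: "tool-x86_64-pc-windows-msvc.zip", Data: []byte("constructed zip bytes")},
	}
	manifest := BuildManifest(arts)

	// Stage 2, clean signing machine: the only place the private key exists.
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return err, err
	}
	sig := SignManifest(priv, manifest)

	// Stage 3, consumer: verify the genuine release, then the same release after
	// an attacker with build-agent access swapped one artifact. They cannot
	// re-sign without the key, so the stale signature no longer covers the bytes.
	genuine = VerifyRelease(pub, manifest, sig, arts)
	evil := append([]Artifact(nil), arts...)
	evil[0] = Artifact{Name: evil[0].Name, Data: []byte("backdoored tarball bytes")}
	tampered = VerifyRelease(pub, manifest, sig, evil)
	return genuine, tampered
}

func main() {
	g, tm := Demo()
	fmt.Println("genuine release:", g)
	fmt.Println("tampered release:", tm)
}
```

Signing the manifest rather than each artifact keeps the signing machine's job to "hash bytes, sign one small file", which is what makes the clean-machine step cheap; per-platform tools such as signtool or codesign would still be needed where the OS itself checks signatures on executables.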