When you update the ASM signatures and if configured to do so, any new and/or updated signatures are placed into Staging mode - the period of which is also configurable. When in Staging any of these signatures that are triggered are not blocked, as would've been otherwise. This is to ensure that for this period you don't get any unwanted false positives due to legitimate traffic being blocked by these new or updated sigs. After the staging period you can then choose to enforce all the attack signatures in Staging that weren't triggered in this period. Ones that have been triggered you can audit to either enforce or to disable on certain parameters or disable altogether.
Attack Signatures is not the only use for staging, your assumption surrounding tightening in correct for file types, but also applies to URLs and parameters. Staging can also be used within File Types and Parameter as well, you can place individual file types into staging mode in order to learn lengths and the same is true for parameters to learn their values. So basically you can have your policy in blocking mode and still turn on staging for a particular file type or parameter thus allowing you to keep as much security as possible in place.