Why should I convert & to &amp; in XSS prevention?

As the comments say and from your linked document:

Rule #1 is for when you want to put untrusted data directly into the HTML body somewhere. This includes inside normal tags like div, p, b, td, etc.

So your question can be answered with "because you apply the wrong rule for your context".

But to cite the applicable rule as well:

The reason this rule is so broad is that developers frequently leave attributes unquoted. Properly quoted attributes can only be escaped with the corresponding quote. Unquoted attributes can be broken out of with many characters, including [space] % * + , - / ; < = > ^ and |.

So, yes, if you consistently and always use quotation marks on attributes, you only need to escape those. But it only takes one slip-up for things to fall apart, so the general rule is to be more rigorous than absolutely necessary.
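As an added illustration (example code, not part of the answer above or of the OWASP document it cites), here are escapers for the two contexts the answer distinguishes, plus a check that shows the slip-up it warns about: a value that contains neither quotes nor angle brackets still breaks out of an unquoted attribute when only body escaping is applied. The untrusted input is constructed for the example.

```javascript
// Added example: context-specific HTML escapers following the two OWASP rules
// quoted in the answer, and a check on the unquoted-attribute slip-up.

// Rule #1 (HTML body): escape the six characters that matter in text nodes.
function escapeHtmlBody(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;',
                '"': '&quot;', "'": '&#x27;', '/': '&#x2F;' };
  return String(s).replace(/[&<>"'/]/g, c => map[c]);
}

// Rule #2 (attribute value): escape every character below 256 that is not
// alphanumeric, using the &#xHH; form. Space, =, and the other break-out
// characters the answer lists are all covered, quoted attribute or not.
function escapeHtmlAttribute(s) {
  return String(s).replace(/[^A-Za-z0-9]/g, c => {
    const code = c.charCodeAt(0);
    if (code >= 256) return c;
    return '&#x' + code.toString(16).toUpperCase().padStart(2, '0') + ';';
  });
}

// Count the attributes in a single start tag. An unquoted value ends at the
// first whitespace, so an unescaped space turns one value into a second
// attribute; a defender's check is that the count stays at one.
function countAttributes(tag) {
  const inner = tag.replace(/^<\w+\s*/, '').replace(/\s*\/?>$/, '');
  const re = /[^\s=]+(?:\s*=\s*(?:"[^"]*"|'[^']*'|[^\s"'>]+))?/g;
  return (inner.match(re) || []).length;
}

// Constructed untrusted input: no quotes, no angle brackets, just a space
// and an equals sign, which Rule #1 leaves untouched.
const untrusted = 'blue extra=injected';

// Wrong rule for the context: body escaping into an unquoted attribute.
const unquotedBody = `<div title=${escapeHtmlBody(untrusted)}>`;
// Right rule for the context: attribute escaping into the same slot.
const unquotedAttr = `<div title=${escapeHtmlAttribute(untrusted)}>`;
```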

Tags:

Xss