When using gpg --card-edit, admin, generate and following the default prompts, the encryption key is created by gpg (technically by gpg-agent), copied to a smartcard and a backup in OpenPGP format stored with a passphrase in a file ~/.gnupg/sk_LONGKEYID.gpg.
The gpg-agent however has created the key in its private-keys-v1.d directory before it was sent to the smartcard and to gpg for creating the backup. Obviously that on-disk copy should be deleted. This used to happen by overwriting it with the stub file (aka shadow key). Due to other fixes this stopped working some time ago - bummer.
The best fix will be never to write the key to the disk but hand it out to gpg to create the backup file.