This is a long standing bug (only occurs in the transition of changing by "forcesig", though).
To reproduce (assumption is it's "force" state for signing authentication):
$ gpg --clearsign -v some.txt && rm -f some.txt.asc
# Success here, card implementation resets its authentication state after signing,
# But GnuPG considers wrongly card auth state is still "authenticated"
$ gpg --card-edit
gpg/card> forcesig # this makes card "not forced"
$ gpg --clearsign some.txt
# Here, the card actually require authentication, but GnuPG wrongly considers it's not needed, so...
signing failed: Bad PIN
# The card behavior is correct rejecting signing