To be frank that's also because the cause for an HTTPS certificate error ranges from "malicious hijack" to "misconfigured server setup" to "I lapsed the expiry date" to "I am using a self-signed certificate".
The degree of which these should be scares is not equivalent, yet browsers will treat all of these as equivalent even though they can distinguish between them in the error page. It just results in clickthrough fatigue, where technical users just ignore the warning because it's not worthwhile to deal with even when they really should.
Plus a VPN won't protect you from a malicious hijack, it just prevents them from grabbing your IP address.
The reason the browser doesn't differentiate between them is because the end result is the same - the cett doesn't match the browsers trusted store. The battle has beenosr on self signed certs at this point (unless you're an enterprise, at which point bundle them with your image).
The difference between a misconfiguration and a compromise is intention, both should be treated as equally suspicious.
The degree of which these should be scares is not equivalent, yet browsers will treat all of these as equivalent even though they can distinguish between them in the error page. It just results in clickthrough fatigue, where technical users just ignore the warning because it's not worthwhile to deal with even when they really should.
Plus a VPN won't protect you from a malicious hijack, it just prevents them from grabbing your IP address.