I don't think that's necessarily true, I think companies are lazy and highly invasive anticheat is an easy win they can license from a 3rd party. Algorithmic security, server-side heuristics, and human review can get you far. I have very, very rarely seen a blatant cheater in Overwatch (maybe 3 times in 10 years?), for example, and yet it's been playable via WINE for almost its entire lifetime.
Overwatch is more dependent upon teamwork, ability usage, positioning, etc.
Cheating is endemic in BR and tactical shooter type games. I remember one f2p game was deleting 50,000 cheater accounts every month.
A key phrase being free to play.
If the developer's winning $20 per cheater detection, and puts in extra resources when there's more cheaters, the equilibrium ends up a lot better.
And even for free games, I could imagine different ways to tie a monetary stake in in exchange for skipping invasive anticheats.
I recently had my faith shattered with I saw someone lock onto an ally through a wall in a kill cam, and I haven't played sense.
Blatant cheaters are bad in some ways, but subtle cheat are far worse imo.
There's no reason that kind of client behavior can't be detected server side.
Detect the mouse moving in a "non-human way"? If it were that easy there'd be no hackers. And even if it where, what about wall hacks?
You can detect with high confidence that a player is aiming at something that shouldn't be visible to them. That goes for both aim bots and wall hacks. The longer they play and the more they do it, the higher the confidence. If you don't want to instaban them because you don't trust the detection enough, use it as a preselection of players to manually review.