So I may stand to be corrected, but I believe they get created when you have a data source created and its parser gets activated. So, for example, if you have McAfee Web Gateway and it detects a virus, it will send the SIEM this event, probably using syslog. As soon as the SIEM parses it for the first time for that data source, it will create the auto-learned rule. But it will only create an auto-learned rule if a parser exists and an event that triggers that parser is received.
Data Source Rules on the Policy Editor are Auto Learned by the Receiver as it processes the information sent to it by data sources that are associated with the Receiver.
All the rules under Data Source Rules are auto-learned, and you can delete them.