You have to understand that these are completely different things.
I tried to draw it for better understanding:
AdGuard Home itself can speak encrypted DNS to servers on the internet. (blue part)
AdGuard Home itself can even use encrypted DNS inside your local network (orange part)
Encrypted DNS inside your network is mostly not required and not really useful for people sitting in a normal home setup. That’s why it’s disabled by default.
You can force upstream DNS encrypted (blue part) by using the right syntax. On the configuration page, there is a small hint about how to write the correct server addresses:
94.140.14.140, 2a10:50c0::1:ff: regular DNS (over UDP);
94.140.14.140:53, [2a10:50c0::1:ff]:53: regular DNS (over UDP, with port);
udp://unfiltered.adguard-dns.com: normal DNS (via UDP, host name);
tcp://94.140.14.140, tcp://[2a10:50c0::1:ff]: regular DNS (over TCP);
tcp://94.140.14.140:53, tcp://[2a10:50c0::1:ff]:53: regular DNS (over TCP, with port);
tcp://unfiltered.adguard-dns.com: normal DNS (via TCP, host name);
tls://unfiltered.adguard-dns.com: encrypted DNS over TLS;
https://unfiltered.adguard-dns.com/dns-query: encrypted DNS-over-HTTPS;
h3://unfiltered.adguard-dns.com/dns-query: encrypted DNS-over-HTTPS with forced HTTP/3 and no fallback to HTTP/2 or lower;
quic://unfiltered.adguard-dns.com: encrypted DNS-over-QUIC;
sdns://...: DNS stamp for DNSCrypt or DNS-over-HTTPS resolver;
[/example.local/]94.140.14.140: an upstream for certain domains;