5

A password manager (like KeePass) offers you the option to copy and paste your password (the clipboard is cleared after pasting/timeout) or to emulate a keyboard and "type" the password for the user.

What are the cases where one method is better than the other? Are there any example threat models where using one of those methods should be preferred?

schroeder
lanterlog
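The conditional clipboard clearing the question describes, as an added example that is not KeePass's own code: the wipe fires on the first paste or on timeout, but only if the clipboard still holds the secret, so text the user copied in the meantime is left alone. The in-memory clipboard, the paste hook and the timer polling are assumptions made for illustration.

```python
import time
from typing import Callable, Optional

class FakeClipboard:  # in-memory stand-in for the OS clipboard (constructed for this example)
    text: Optional[str] = None

class TimedClipboardCopy:
    """Copy a secret; wipe it after first paste or timeout, unless the user copied other text since."""
    def __init__(self, clipboard: FakeClipboard, timeout_s: float,
                 clock: Callable[[], float] = time.monotonic) -> None:
        self.clipboard, self.timeout_s = clipboard, timeout_s
        self.clock = clock  # injectable clock keeps the scenarios below deterministic
        self._secret = self._deadline = None  # what we placed, and when to wipe it

    def copy(self, secret: str) -> None:
        self._secret, self._deadline = secret, self.clock() + self.timeout_s
        self.clipboard.text = secret

    def _clear(self) -> bool:
        cleared = self._secret is not None and self.clipboard.text == self._secret
        if cleared:
            self.clipboard.text = None
        self._secret = self._deadline = None  # one-shot either way
        return cleared

    def on_paste(self) -> bool:
        return self._clear()  # assumed hook: the target application consumed the paste

    def tick(self) -> bool:
        # Called from a timer; wipes once the deadline has passed.
        if self._deadline is not None and self.clock() >= self._deadline:
            return self._clear()
        return False

def run_scenarios(timeout_s: float = 12.0) -> dict:
    # Three cases: wipe on timeout, wipe on paste, user-overwritten clipboard left alone.
    now = [0.0]
    cb = FakeClipboard()
    tc = TimedClipboardCopy(cb, timeout_s, clock=lambda: now[0])
    tc.copy("pw-timeout")
    now[0] = timeout_s  # deadline reached, nobody pasted
    timeout_wiped = tc.tick() and cb.text is None
    tc.copy("pw-paste")
    paste_wiped = tc.on_paste() and cb.text is None
    tc.copy("pw-overwritten")
    cb.text = "grocery list"  # user copied something else before the deadline
    now[0] += timeout_s
    kept_user_text = not tc.tick() and cb.text == "grocery list"
    return {"timeout_wiped": timeout_wiped, "paste_wiped": paste_wiped,
            "kept_user_text": kept_user_text}
```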

3 Answers

4

Without defining a threat model, it's hard to compare effectiveness. Clearly, both fail in the face of malware running on the local computer. (Either keyboard events or the clipboard can be read by malware.)

With Flash, it's possible to read the contents of the clipboard, so there's a small opportunity there where passwords might be leaked. (Though JavaScript has access to the clipboard, it can't read the contents without the user selecting paste.)

At the end of the day, neither approach is likely to be the make-or-break factor in the security of a password manager.

David
2

This is, of course, opinion-based, because I'm not a KeePass developer, but my belief is that the only reason there exists the other method to input a password (i.e. keyboard emulation) has nothing to do with threat models.

The main purpose of keyboard emulation is most likely to overcome those outdated (or, in some cases, braindead) enterprise policies which prevent password paste (in direct violation of NIST guidelines on passwords). Here's an example.

If your bank et cetera accepts passwords from the clipboard, just use that, don't bother.

ximaera
0

One thing to consider: there are plenty of legitimate reasons for an application to request clipboard access, but far fewer legitimate reasons to intercept all keyboard input. So I would guess it is easier to sneak a clipboard sniffer past malware scans... even JavaScript can access the clipboard sometimes (at least after prompting the user for permission).

Ben