The cluster admin has every permission on every resource on the cluster because the rule is

rules:
- apiGroups:
  - '*'
  resources:
  - '*'
  verbs:
  - '*'
- nonResourceURLs:
  - '*'
  verbs:
  - '*'

whereas for admin role the rules are such that it has almost all permission on almost all resources but its not wildcard access like cluster admin.When a new resource or a custom resource is introduced if you want to have permission for that resource to the admin you need to add that resource to the admin role's rule but for cluster admin it's not necessary because cluster admin has wildcard in the rules.