Wouldn't any manipulation of a timestamp be fraudulent?
Fraudulent, potentially; but if you're dealing with something that could require some kind of investigation, I don't think you'd want to rely heavily on timestamps. Consider how easy it is to modify the current time of your computer. If you change the time on your computer, and then modify the file, then it will be updated to the "current" but wrong time. There's also the possibility of some corruption in the location of the timestamp on the storage location. Or your computer's battery died and the clock was wrong when you saved your file.
What ethical reasons would anyone change a timestamp?
One reason this exists is for programs that copy, backup, or archive files. Many of the programs that I've used in the past will create temporary files in the location where they're copying data to. They set the timestamps to be 0, which is the start of the Epoch and after the program completes its task, then it updates the time on the file to the time of the original file, NOT the current time, (backups should be exact replicas). If the program crashes or is interrupted for some reason, then it could see that the timestamp on the file(s) are in the past, or they may specifically look for that timestamp as it's very unlikely that there are any files with that specific timestamp. After they see that timestamp, the begin to copy that file again, or resume the previous copy if they're able/configured that way.