KeePassDiceware

Shouldn't the string Generate function use ProtectedStrings?

Open ThisMakesSenseToMe opened this issue 1 year ago • 7 comments

string Generate(Options options, PwProfile profile, CryptoRandomStream random) uses normal Strings to generate a Diceware password.

However, it is used in an override that expects a ProtectedString and there a non-protected string is returned [return new ProtectedString(false, result);]

So the chosen Diceware words are plain to read from memory. I think ProtectedStrings should be used as much and as soon as possible and the normal strings should be zeroed as soon as possible.

ThisMakesSenseToMe, Feb 11 '23 06:02
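One way to address the concern raised in the issue above, as an added example that is not KeePassDiceware's own code: assemble the passphrase in a `char[]` buffer instead of an immutable `string`, hand the UTF-8 bytes to KeePassLib's `ProtectedString(bool, byte[])` constructor with protection enabled, and wipe every intermediate buffer. The class name, method signature and parameters (`DicewareBuffer`, `wordList`, `wordCount`, `separator`) are hypothetical.

```csharp
using System;
using System.Text;
using KeePassLib.Cryptography;
using KeePassLib.Security;
using KeePassLib.Utility;
// Added example; class, method and parameter names are hypothetical.
public static class DicewareBuffer
{
    // Uniform index in [0, count) using rejection sampling (no modulo bias).
    private static int NextIndex(CryptoRandomStream random, int count)
    {
        ulong n = (ulong)count, limit = ulong.MaxValue - (ulong.MaxValue % n), r;
        do { r = random.GetRandomUInt64(); } while (r >= limit);
        return (int)(r % n);
    }

    public static ProtectedString Generate(string[] wordList, int wordCount,
        char separator, CryptoRandomStream random)
    {
        if (wordList == null || wordList.Length == 0 || wordCount < 1)
            throw new ArgumentException("empty word list or word count < 1");
        // Pick all indices first so the buffer can be sized exactly once.
        int[] picks = new int[wordCount];
        int length = wordCount - 1; // one separator between each pair of words
        for (int i = 0; i < wordCount; i++)
        {
            picks[i] = NextIndex(random, wordList.Length);
            length += wordList[picks[i]].Length;
        }
        char[] chars = new char[length];
        byte[] utf8 = null;
        try
        {
            for (int i = 0, pos = 0; i < wordCount; i++)
            {
                if (i > 0) chars[pos++] = separator;
                string w = wordList[picks[i]];
                w.CopyTo(0, chars, pos, w.Length); // no intermediate string
                pos += w.Length;
            }
            utf8 = Encoding.UTF8.GetBytes(chars);
            return new ProtectedString(true, utf8); // protection enabled
        }
        finally
        {   // Wipe everything that reveals the chosen words.
            Array.Clear(chars, 0, chars.Length);
            Array.Clear(picks, 0, picks.Length);
            if (utf8 != null) MemUtil.ZeroByteArray(utf8);
        }
    }
}
```

The word list itself still sits in memory as ordinary strings, and the garbage collector may have moved a managed array before it is cleared, so this narrows the exposure window rather than eliminating it.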