So if the /dev/random produces the same output two times, the difference in mouse movements will cause the software to produce two private keys.
This won't happen.
/dev/random uses multiple sources as entroy, including CPU interrupts and noise from drivers.
You won't produce the same result twice. Adding mouse movement won't change much.
/dev/random and
/dev/urandom both are considered good PRNGs.
And even tho an attacker might be able to compromise those files, this also means he already compromised the system and therefore does not need to change
/dev/random at all.