This is the same as for temporary files.
Recall that the usual way to create some temporary file is to open (2) the file (keeping its file descriptor), then unlink (2) (while still having the open file descriptor). Then, the file data remains in the file system until the process is executed, and close (2) -d this file descriptor.
This is because files are really inodes - not file names in directories. (directories contain entries that associate names with inodes).
The kernel controls the set of "used" (or "open") inodes, and this set contains the inodes executed by the processes (actually, the inodes involved in some address mapping, for example thru mmap (2) or execve (2) )
So, immediately after running /bin/rm /bin/rm kernel has one link to the rm binary as an executable file of the process.
When it processes syscall unlink , it temporarily has two links (one of which is a process in progress, the other path /bin/rm passed to the unlink kernel implementation) and reduces it to unity.
Of course, you should avoid typing /bin/rm /bin/rm , but then you usually have a separate shell, such as sash , to restore your system.