send_file is the function that handles sending files to the user. It does no sanity check on the input, so it would also happily send protected/../../../etc/passwd or whatever. In your specific case that might not work, but if you are unaware of that type of attack you might produce unsecure code.
send_from_directory checks wether the requested file is really from the specified directory. That way the above attack would not work.
So you can use send_file whenenver the input filepath is trusted. That means either do your own checks or if the input is provided by you (e.g. my_file_paths = {"a": "path/to/a", ... }; send_file(my_file_paths[user_input]) would be okay) you should be fine. For the common case send_from_directory is a helper function that does the appropriate security checks.