From the WAF Policy on App Gateway Doc:
You can make as many policies as you want. Once you create a policy, it must be associated to an Application Gateway to go into effect, but it can be associated with any combination of Application Gateways and listeners.
If your Application Gateway has a policy applied, and then you apply a different policy to a listener on that Application Gateway, the listener's policy will take effect, but just for the listener(s) that they're assigned to. The Application Gateway policy still applies to all other listeners that don't have a specific policy assigned to them.
If you associated the WAF Policy to the App Gateway, then all listeners will get that WAF policy by default. If you only want 1 listener to have that policy, then only associate it to the listener (Used for a multi-site configuration).