views: 137

answers: 1
I'm evaluating the Microsoft Anti-Cross Site Scripting Library (AntiXSS V3)

I have to say it seems to me that apart from providing a more comprehensive white list of acceptable characters, it's not really bringing anything to the party that a diligent programmer who encoded all his user/agent modifiable output wouldn't be doing anyway.

Am I missing a trick?
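As an added illustration of the question's point (example code written for this page, not code from the page or from the AntiXSS library), here is a deny-list encoder that escapes only the characters HTML treats specially, next to an allow-list encoder that passes through only characters it knows to be safe and numerically encodes everything else; the `SAFE` set is a constructed assumption, not AntiXSS's actual list.

```python
import html
import string

# Deny-list style: escape only the characters the HTML grammar treats specially.
DENY_LIST = {"&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;"}

# Allow-list style (constructed for this example): letters, digits and a few
# punctuation marks pass through; every other code point becomes a numeric
# character reference, so nothing outside the list can reach the browser raw.
SAFE = set(string.ascii_letters + string.digits + " ,.-_")


def denylist_encode(s: str) -> str:
    """Escape only &, <, > and the double quote; everything else is left as-is."""
    return "".join(DENY_LIST.get(c, c) for c in s)


def allowlist_encode(s: str) -> str:
    """Emit characters in SAFE unchanged and encode all others as &#NNN;."""
    return "".join(c if c in SAFE else f"&#{ord(c)};" for c in s)


def unencoded_specials(encoded: str) -> set:
    """Quote and angle characters still present verbatim in encoded output.
    These matter in contexts the deny-list did not anticipate, e.g. a value
    placed inside a single-quoted attribute."""
    return set(encoded) & set("'`<>\"")


def roundtrips(s: str) -> bool:
    """Both encoders must be lossless: a browser decoding the output gets s back."""
    return (html.unescape(denylist_encode(s)) == s
            and html.unescape(allowlist_encode(s)) == s)


if __name__ == "__main__":
    for sample in ["O'Reilly", 'a<b&c"d', "it's `quoted`"]:  # constructed inputs
        print(repr(sample))
        print("  deny-list :", denylist_encode(sample),
              "leftover:", unencoded_specials(denylist_encode(sample)))
        print("  allow-list:", allowlist_encode(sample),
              "leftover:", unencoded_specials(allowlist_encode(sample)))
```

The apostrophe and backtick survive the deny-list encoder untouched, which is exactly the kind of context-dependent gap a broader allow list closes without the developer having to enumerate every dangerous character per context.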

+4  A: 

I don't think you're missing anything except for the fact that the number of programmers who are aware of proper secure coding is very small, and those that can do it properly are fewer still.

The libraries are written to make things easier for your average developer, and I would assume that any library that is written by Microsoft with the express purpose of enhancing security would be done by a coder (or team of coders) who are experts in the field, as opposed to your normal everyday developer who focuses on the needs of their company. (I would think they would put a lot of importance on doing this right, considering how Microsoft products are always painted as "insecure" by MS-haters.)

As a parallel, think about encryption. A diligent coder could come up with a secure encryption algorithm. However, OWASP guidelines tell you NOT to come up with your own algorithm, but to use tested algorithms developed by experts and well-tested.

If we have a tool by experts that does the job for it, why would we try to do this on our own? I'd say it would be good to use the Microsoft Anti-Cross Site Scripting Library for this reason alone, if it works as advertised.

David Stratton
The point about it being written by experts who have thought through all the issues is a good one and probably makes it worthwhile. On the other hand, there's still no way to force people to actually call it in their code, and it would be nice if this was built into .NET.
AJM