There's no way to see who has the calendar in their CalendarList unless you're able to authenticate as each user (as would be the case if this app is internal to your domain and you're using an OAuth 2.0 Service Account to access all users).
You can however use acl.list() to determine what users/groups have access to a given calendar. Having access does not necessarily imply that the user has the calendar in their list of calendars and if the calendar is shared publically or with a group, the user may not be explicitly listed in the ACLs even though they have the calendar in their list.