Well Mike S, I agree with you on all points but unfortunately this is an internal auditor and I can't tell them that. Our auditors require Justifications for everything they do not understand, which unfortunately most people do not understand calibration.
You have the other way around. The auditee can not be responsible for educating the auditor on each and every issue they don't understand. As already mentioned, it is the auditor's responsibility to identify the requirement not being complied with. If there is no explicit requirement being violated, at best, the auditor identified some "risk". Who determines if the risk is acceptable or not should be the people with the understanding of the situation.
Measurement devices don't go bad the day after the calibration date expires. Frequency of calibration determination, when well executed, takes into account several parameters such as device calibration stability, frequency of use, storage, usage and handling conditions, criticality of the measurements being undertaken, etc.
If you allow auditors, internal or external, to dictate risk management decisions they are not equipped to make, you are doing your organization a huge disservice.