Would you mind opening a support ticket about this? cPanel Customer Portal
My first guess is that the affected user is using jailshell (or no shell access) or is under CloudLinux' CageFS, and don't have access to that file. It could also be that there is some difference in the environment; the environment of cron jobs is substantially different from that of the command line. It could also be something totally different.
As a workaround, you might have your user execute the cron job via web request rather than from the command line, with wget -O https://domain.tld/path/to/cron.php
. For security, you should configure .htaccess for the directory containing the php cron script so that it can't be accessed by IP addresses other than 127.0.0.1 or ::1.