ZIP encryption is very insecure and there are utilities that crack it quickly.
I'd use something else.
But fundamentally this problem can't be solved without a secure download target (one that has a tamperproof and unique identity number).
It is like the distribution of aviation GPS databases: to prevent sharing, Honeywell lock the downloaded data to the serial number of the actual GPS, and charge a lot of money for the CF cartridges if you buy them physically.