Mixing trial and production environments can get messy. If possible make two separate installers for each.
There are some prerequisites to making your protection as strong as possible:
- Obfuscate your code with the best obfuscator you can buy.
- Spread the checks for valid signatures in several key places in your code, don't check just once at startup.
- Learn about .NET crypto APIs, such as asymmetric encryption and signatures
- Keep in mind that generated product keys can be reverse-engineered, mostly a concern if your app is high-volume or high-value
Scenario with Activation:
Upon installation or within some time after it you can require users to "Activate" your product. When activating you can generate a plaintext XML file with some components identifying the system - CPU ID, HDD ID, domain name, user name etc. Send said XML to your web service.
The service can then append a random tag, hash the data together and have it signed with a private key and return the signature and the random tag.
Your client software will have the matching public key built-in and will store the random tag and signature locally.
To check if the license file is valid the app will hash the plaintext data and random tag together and check if the signature matches that hash.
This gives you a very reliable way for determining if the instance your client is running is purchased and pretty much guarantees they can't just modify the XML itself.
Scenario without Activation:
Upon purchase send a file with some customer data, such as their name, email, phone etc - make it somewhat personal so the user will be reluctant to share their own license file.
Include a random tag and hash all the data together. Sign the hash and store it in the file as well.
The user will have to save the file at a predetermined location or paste it inside a textbox in your app.