I would like to suggest that a bit more "intelligence" is added to the download counter - so that it at least has a decent level of credibility to it.
I noticed it currently automatically adds one to the count as soon as you press the button - as many times as you press the button. Some form of ip address filtering, where it only counts a download for each unique ip address would lead to far more accurate results (especially for files with multiple versions) and greatly reduce the chance of exploiting that count.
I would imagine that this cms, like most cms' tracks ip addresses. If so, then every time a download button is clicked, that user's ip address could be compared to a table with download ids and ip addresses - if that ip address doesn't exist for that download id, the count is increased by one, and that user's ip address is then added to that table for that download id. Any further clicks, such as for an update, or simply re-downloading an item, wouldn't be counted.
I realize this solution is not without its faults, as dishonest users could use a proxy, or a dial up connection (new ip each sign on) to artificially inflate their downloads, and that should any smaller countries that share an ip address across numerous people - a download wouldn't be counted when it should. However, any undesired results would be far, far less then the current potential of abuse and the current level of inaccuracy.