You might consider using CGI::Application::Plugin::Stream.
This will help you stream the files.
Also, if you use CGI::Application::Plugin::Authorization and CGI::Application::Plugin::Authentication, you can easily control access to the files.
For example, you can have multiple groups, each with different levels of access. This would let you have free downloads, downloads for "basic" customers, and different downloads for "premium" customers. Your database will need a table pairing up user id with access level. If someone tries to illegally access a file that they don't have access to, they'll get a "forbidden" error, etc.