Use your best judgement. Of course they could see who you are if they really wanted to, they own the servers after all. The question becomes: Are they willing to invest the resources needed to track who is who and who has rights to download from their servers? They opted to provide these files, encrypted, utilizing a CDN. Because of this they already have a somewhat geo location on you since by nature the CDN determines your rough location so it can route your request to a server that is close to you. It wouldn't be hard for them at all if they felt it was worth the cost of enforcing and protecting their property. That being said, do you realize how many people are downloading from their servers? Imagine the mountain of data they would need to review and how many people would be included in any kind of lawsuit. That doesn't mean they aren't willing at some point but right now I personally feel like it is probably a very large task for them. They chose to distribute the encrypted files blindly since it was assumed we couldn't use them anyway. Once again, use your best judgment because nobody knows for sure. They could have spent the last 3 months building the infrastructure needed to determine illegitimate downloads, track their IP's and put them on a list.
I also question how 'illegal' it is to simply download the files since there is no circumvention of their security measures at the point of downloading. We simply ask for a file and it gives it to us. It is only after we download that we begin to circumvent their security so we can install these files.