In all reality the process is not much different than validation of a user name and password; and from what you have provided your logic seems flawed, and I would suggest you rethink this process.
Your software generates a
fingerprint which is a completely valid thought; and could be a great password source.
Step 4:
Server checks this key if it is present validates it, if not, adds it in to database.
The problem I see is here- the way I am reading it would allow any installation to generate a valid key, as it would just be added to your license database if it does not already exist.
I do see a rather simple solution, and that would be to use the other half of the
username/password combination. Add a "license" of some sort as the username and then that could only be used once- it could even be email address or the associated order number of the purchase. This would allow you to have control of how many times this is installed as you would have a record of valid licenses that can generate passwords