I don't know what kind of application you are creating, but one way you might be able to do this would be to let some of the code be handled on the server side (for example with php).
It'll be much harder for a hacker to interact with the server side code than with code that's sitting on his pc in the form of an application.
You could have your application send the HWID to your server and perform one or more tasks in your php code after you've confirmed the HWID is correct and then send the result of those performed tasks back to your application.
You might only want to do this for some parts/tasks of your application, just enough so that when the user is not using a legitimate version the application will effectively be broken.
Hopefully this helped