I mean, someone with the equipment and knowledge to do it would probably find it easier to just copy the way it works with their own code. If you are first to release the product with your IP it will anyway be know as the "original product" and the others as clones...no one wants a clone unless it's the only thing they can afford.
I do not agree with that. You need to consider your audience there, and as the OP mentioned, worried about the average "audience" copying the product if it's too easy to do, while the audience probably has no means of doing anything a bit too involved, even if that bit looks trivial to the seasoned engineers here. And if it's that easy to implement without even needing to copy it, then so be it, but I don't buy this either. You're largely overestimating the capabilities of people in general, and probably of the OP's audience in particular.
As I got it, it's a bit of a "niche" product. Niche products do not have the same appeal nor are the same targets for cloning/copying as more "mainstream" products. Just my 2 cents.
Other than that, I would agree with the fact the RP2040, or any MCU with external code memory for that matter, would not be the ideal choice, but I can understand the rationale if it fits the requirements otherwise, as it's cheap and reasonably available as of now, as opposed to many other MCUs out there.
An idea would be to encrypt the ciritical Flash content, and decrypt it at boot time. That would imply running most of the code (at least the "critical parts") from RAM, but given the RP2040 has a comfortable amount of it, that should be doable.
The encryption could be using a key unique to each product. See if the RP2040 has some kind of unique ID or serial number, I don't remember that. If so, you could devise an encryption scheme based on this. That would imply encrypting the Flash content at programming time, during production. That's also largely doable. While not hacker-proof much, this scheme would probably make it hard enough for your average joe to figure out, to be a better protection than potting.
Again, we are talking about making it tough for the average joe here, not about making the device impossible to hack. No approach can do that anyway.