The fact that the website is implemented in C# is irrelavent - the backend language doesnt matter, it could even be COBOL ;)
Next, do you understand how session handling and authentication works in your app? I mean _really_ understand them, as in exactly what needs to be sent from the browser?
If not then thats the next thing to work on - if you dont understand how these things work then you will not be able to configure ZAP to handle them.
Cheers,
Simon