Preferably unzip in place, where it will be used (so you don't have to edit permissions manually). Alternatively, unzip it locally, and drop/upload the "blog" folder into the root of your web server. You can put it anywhere inside your web space, but in the root is cooler.
corzblog tries to figure out where in the server it is operating, but possibly this mechanism isn't foolproof. If you have troubles, you can hack the location into init.php, notes within.
You can access your blog right away if you like..
or you could create a virtual host or sub-domain specifically for your blog, something like..
2: ensure editable files and folders are writable
You should be good to go; permissions being stored in the zip (or when running php as a CGI); but it's possible that something happened to them in transit, getting moved around or uploaded, or whatever. simply; if the blog file isn't "writable", nothing you write can be saved! The same goes for archives and preference files. This is easy to fix..
In a unix/linux/mac os x shell, that would be:
chmod -R 777 *.blog
chmod -R 777 arc
chmod -R 777 inc/data/*
chmod -R 777 inc/data/.ht_corzblog.ini
Contrary to popular myth, there is nothing inherently insecure about world-writable files and folders.
You can also use your FTP client to change file and folder permissions, it's sometimes under "attributes" (set them to "ALL" for "Everyone/World", or equivalent). In aqua (Mac OS X) you can use the "get info" dialog. On Windoze servers, pop up a properties dialog for the file and go to the security tab, or you may prefer DOS "attrib".
Note: On windows servers, a hidden file will not be writeable by the server process. Check that!
3: edit your preferences.
Click the "configure" link to get to the preferences. Everything has help, just hover your mouse over an item for useful information. don't forget to set your password. When doing this, it's best to login to your blog over SSL (using https://your-domain.com/blog/), or else enter the FULL SERVER LOCATION of an external password file.
If you want to do something extremely non-standard, or highly advanced, there is probably a setting inside init.php, you may want to scroll through that. Hopefully most people shouldn't have to.