I am encrypting a file using C# implementation of the AES algorithm. I am able to encrypt and decrypt successfully the file using a well-defined couple of IV and Key arrays.
I generate also the key and the IV from a password string with the SHA256 and MD5 algorithm as described here: Password as key for AES Encryption/Decryption
My question is: what is the best way to verify that the password used is the correct one, if I do not know what is the source file content?
First of all, to derive a key from a password you should use a Password Based Key Derivation Function, not just MD5. For .NET you could use the horribly named Rfc2898DeriveBytes which implements PBKDF2 (the RFC is the Password Based Encryption standard which also contains PBKDF1). To do that you should at least store a 64-128 bit random salt with the ciphertext and possibly also an iteration count. You can derive both the key and the IV using that method (the key will always be different anyway assuming you use a random salt).
Now there are two somewhat reliable ways of detecting that you are using the right password (and salt & iteration count): by using an authenticated cipher such as AES-GCM or by deriving even more bytes using PBKDF2. The first one doesn't require any additional storage. However, you have to try and decrypt the entire file before you know if the password is correct. The verification would also fail if the file itself gets changed.
Alternatively you could configure the PBKDF2 to use SHA-512. Then you can e.g. extract a 256 bit AES key, a 128 (or, for GCM, a 96) bit IV or nonce, as well as a 128 bit "verification value". This verification value you can store with the ciphertext. Now you can check that verification value and therefore verify the password correctness before you decrypt the file. Do indicate to your users that any (deliberate) change to the salt, iteration count, verification value or ciphertext may result in the key or password to be indicated as invalid.