Yes, you should install SEP on servers. They can be attacked like any other computers. But configuration settings of servers are often different. Read this document which deals with this subject:
Best Practices for Installing Symantec Endpoint Protection (SEP) on Windows Servers
http://www.symantec.com/docs/TECH92440
You should create special groups for your servers where you can set the appropriate settings for them, e.g. exclusions.
SEP 12.1 excludes Exchange 2010 files automatically, see this thread:
http://www.symantec.com/connect/forums/no-sep-121-auto-exclusions-exchange-2010
I'm not sure, but it's highly probable that auto exclusion for Exchange only works for default paths, as mentioned here.
There is no auto-exclusion of SQL Server files, you have to do it yourself:
How to exclude MS SQL files and folders using Centralized Exceptions
http://www.symantec.com/docs/TECH105240
It is an article for SEP 11, but the principles are the same.