Should i install an antivirus on my windows 2008 server?

The decision as to whether or not you need antivirus should be based on what the server is doing. If you're serving websites and there is any way users can get data onto the server - file uploads, forum attachments, email, then you should be scanning these for viruses.

Will you be browsing the internet on your server? Will it be hosting email? If so then you need to consider AV.

There are also some exceptions, are you running SQL? Then you need to exclude some areas of that. Will you be running Exchange? You'll need a proper Exchange add-in for your AV to scan that.

What you also perhaps need to consider is what you will lose by running AV. If speed is an issue and AV is slowing your server down then sure you should consider whether you can do away with it, but if it will run in the background not causing an issue and may just save you one day, maybe it's worth it anyway? The cost of today's AV solutions is pretty minimal, especially if it's just for one server.

My personal preference is for something lightweight, so things like Macafee and Norton are out. I have used NOD32 in the past and it has performed well as has AVG's server editions.

Yes preferably, and when it comes to brand - the best bet is something you're already comfortable with or use on your clients.

Get the server version (if there is a special server version, sometimes it's just a matter of using the client edition as long as it's just an application server with no special needs (like e-mail, database aso).

If you don't run an entire management suit, set it up to deal with threats in a cautions manner, reporting problems first so you can check it out and decide before it wipes your client's web site data files due to "suspected malware" detected or something ;)