We have the same situation, our product uses SQL as a backend.
I setup with the following:
1) create an installer with the right setup types/features, etc.
2) create another installer to install MSSQL
3) include the MSSQL (from microsoft) installer along with your software package.
4) in your installer for MSSQL, use a Run Program command in the [ Execute Programs ] section.

I have a series of dialog screens which collect DB name, SA password (with verification), and other info to set my Runtime Variables and if all is ok, set my %OKTOINSTALL% runtime variable. Then inside [ Execute Programs ] section, if %OKTOINSTALL% is good, use the runtime variables as command line parameters when running the program SQL2012Express_x86_EN.exe

Everyone has different ways of managing this, but this was my choice.