Adding Windows groups (local or domain) based security is best practice as it can help you in a situation where you loose credentials potentially.
You want to add Local Windows Administrators group to have SA or any other permissions in SQL. Ok you would think that it would be something like.
USE [master] GO CREATE LOGIN [<Server name>\administrators] FROM WINDOWS GO
Not quite… the <Server name> needs to be replaced by the keyword BUILTIN as in below
USE [master] GO CREATE LOGIN [builtin\administrators] FROM WINDOWS GO
Hope this saved you some headache today. Now you can proceed to define security for this group within SSMS or via TSQL