I don't think it is able to detect SQL injection. In most cases, SQL injection is an attack on the server
The HTTPS scan seems to be designed to detect "server to client" attacks but not all attacks of the HTTP protocol, such as malicious URLs, phishing pages, malicious JavaScript, and malware.
Actually, "HTTPS scanning" and "web scanning" almost detect the same types of attacks.
Due to TLS, the HTTPS traffic is encrypted; therefore, security apps (not only Kaspersky) have to proxy HTTPS traffic to inspect content. This is why it is referred to as "HTTPS scanning".